SB2022110418 - Multiple vulnerabilities in Dell EMC Integrated Data Protection Appliance

Description

This security bulletin contains information about 9 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2019-11091)

The vulnerability allows a local authenticated user to gain access to sensitive information.

Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

2) Out-of-bounds read (CVE-ID: CVE-2019-5516)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the vertex shader functionality. A remote authenticated attacker with access to a virtual machine with 3D graphics enabled can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service (DoS) condition on their own VM.

3) Out-of-bounds read (CVE-ID: CVE-2019-5517)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the shader translator. A remote authenticated attacker with access to a virtual machine with 3D graphics enabled can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service (DoS) condition on their own VM.

4) Buffer overflow (CVE-ID: CVE-2019-5518)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the virtual USB 1.1 UHCI (Universal Host Controller Interface). An attacker with physical access to a virtual machine with a virtual USB controller present can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

5) Time-of-check Time-of-use (TOCTOU) Race Condition (CVE-ID: CVE-2019-5519)

The vulnerability allows a local attacker to execute arbitrary code on the target system.

The vulnerabity exists due to the Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). An attacker with physical access to a virtual machine with a virtual USB controller present can execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

6) Out-of-bounds read (CVE-ID: CVE-2019-5521)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the pixel shader functionality. A remote unprivileged user with access to a guest operating system can trigger out-of-bounds read error and read contents of memory on the system on perform a denial of service attack.

7) Exposed dangerous method or function (CVE-ID: CVE-2019-5528)

The vulnerability allows a remote attacker to cause a denial of service (DoS) condition on the target system.

The vulnerability exists due to the affected software provides an interface includes a dangerous method or function that is not properly restricted. A remote attacker can send a specially crafted request and cause the hostd service to become unresponsive, resulting in a partial denial of service for management functionality.

8) Insufficient Session Expiration (CVE-ID: CVE-2019-5531)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient session expiration issue. A remote non-authenticated attacker can obtain or guess session token and gain unauthorized access to session that belongs to another user.

9) Out-of-bounds write (CVE-ID: CVE-2019-5684)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A remote unprivileged user with access to a guest operating system can trigger out-of-bounds write and execute arbitrary code on the target system.

Note, the vulnerability can be exploited only if the host has an affected NVIDIA graphics driver.

Remediation

Install update from vendor's website.

References

• https://www.dell.com/support/kbdoc/en-us/000153625/dsa-2019-179-dell-emc-integrated-data-protection-appliance-security-update-for-vsphere-esxi-and-vcenter-vulnerabilities