IBM Spectrum Scale update for Samba

Published: 2023-03-07

Risk	Low
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2022-3437 CVE-2022-1615
CWE-ID	CWE-122 CWE-330
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	IBM Spectrum Scale Client/Desktop applications / File managers, FTP clients
Vendor	IBM Corporation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Heap-based buffer overflow

EUVDB-ID: #VU68701

Risk: Low

CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3437

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. A remote user can send specially crafted data to the application, trigger a heap-based buffer overflow and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Spectrum Scale: 5.1.0.0 - 5.1.6.0

External links

http://www.ibm.com/support/pages/node/6960547

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use of insufficiently random values

EUVDB-ID: #VU67270

Risk: Low

CVSSv3.1: 3.1 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1615

CWE-ID: CWE-330 - Use of Insufficiently Random Values

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to usage of predictable random values within the GnuTLS gnutls_rnd() function. A remote user can decrypt sensitive information.