F5 Networks BIG-IP : Linux kernel vulnerability (K40523020)

medium Nessus Plugin ID 147500

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940. (CVE-2018-16658)

Impact

A local user with Advanced Shell (bash) access on a BIG-IP system, or with local administrator access on a Traffix system, may be able to use this flaw to gain elevated privileges. In supported configurations on the BIG-IP system, bash access is limited to system administrators.
BIG-IP appliance mode does not expose this issue, as users are not allowed bash access in this mode. On Traffix systems, only administrators have local access.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K40523020.

See Also

https://my.f5.com/manage/s/article/K40523020

Plugin Details

Severity: Medium

ID: 147500

File Name: f5_bigip_SOL40523020.nasl

Version: 1.3

Type: local

Published: 3/10/2021

Updated: 11/2/2023

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Low

Base Score: 3.6

Temporal Score: 2.7

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS Score Source: CVE-2018-16658

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_domain_name_system, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/31/2019

Vulnerability Publication Date: 5/9/2018

Reference Information

CVE: CVE-2018-16658