Vulnerability CVE-2015-1142857


Published: 2018-01-23

Description:
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4f87e3cad35063f1c17de5 and the DPDK before commit 3f12b9f23b6499ff66ec8b0de941fb469297e5d0, additionally Multiple vendor NIC firmware is affected.

Type:

CWE-254

(Security Features)

Vendor: Intel
Product: X710 firmware 
Product: 82599 firmware 
Product: X540 firmware 
Product: 82576 firmware 
Product: I350 firmware 
Vendor: DPDK
Product: DPDK 
Vendor: Linux
Product: Linux kernel ixgbe 
Product: Linux kernel i40e/i40evf 

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://seclists.org/oss-sec/2015/q4/425
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00046&languageid=en-fr
https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-smolyar.pdf

Related CVE
CVE-2019-14763
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
CVE-2018-20961
In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2019-10142
A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. A...
CVE-2018-16871
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence....
CVE-2017-18379
In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.
CVE-2016-10764
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.
CVE-2015-9289
In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values suc...
CVE-2012-6712
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

Copyright 2019, cxsecurity.com

 

Back to Top