IBM SmartCloud Entry is vulnerable to Qemu-kvm vulnerabilities. Attackers could overflow a buffer and execute arbitrary code on the system or cause the application to crash, or could exploit these vulnerabilities to gain elevated privileges on the host system or cause a denial of service, modify access modes and execute arbitrary code on the system with the privileges of the Qemu process, or cause a denial of service. CVE-2015-7512 CVE-2015-7504 CVE-2016-1714 CVE-2016-3710 CVE-2016-5403
CVE(s): CVE-2015-7504, CVE-2015-7512, CVE-2016-1714, CVE-2016-3710, CVE-2016-5403
Affected product(s) and affected version(s):
IBM SmartCloud Entry 3.1.0 through 3.1.0.4 Appliance fix pack 22
IBM SmartCloud Entry 3.2.0 through 3.2.0.4 Appliance fix pack 22
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hjOu42
X-Force Database: http://ift.tt/2hyE9gL
X-Force Database: http://ift.tt/2dv9cNx
X-Force Database: http://ift.tt/2dNprAS
X-Force Database: http://ift.tt/2dv96pa
X-Force Database: http://ift.tt/2hyESP8
from IBM Product Security Incident Response Team http://ift.tt/2hjQkCc
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.