Input validation error in SAN Volume Controller and Storwize Family

1) Input validation error

EUVDB-ID: #VU44030

Risk: High

CVSSv4.0: 6.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2011-3188

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to #BASIC_IMPACT#.

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Storwize V3500: before 7.1.0.0

IBM Storwize V3700: before 7.1.0.0

IBM Storwize V5000: before 7.1.0.0

IBM Storwize V7000: before 7.1.0.0

CPE2.3

• cpe:2.3:h:ibm_corporation:ibm_storwize_v3500:*:*:*:*:*:*:*:*
• cpe:2.3:h:ibm_corporation:ibm_storwize_v3700:*:*:*:*:*:*:*:*
• cpe:2.3:h:ibm_corporation:ibm_storwize_v5000:*:*:*:*:*:*:*:*
• cpe:2.3:h:ibm_corporation:ibm_storwize_v7000:*:*:*:*:*:*:*:*

External links

https://www.ibm.com/support/pages/node/865998

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.