SB2022102630 - Multiple vulnerabilities in Dell EMC Integrated Data Protection Appliance

Description

This security bulletin contains information about 6 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2020-3962)

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the SVGA device when processing SVGA DXInvalidateContext command. A local attacker can execute arbitrary code on the hypervisor from a virtual machine.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

2) Off-by-one (CVE-ID: CVE-2020-3969)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an off-by-one error in SVGA device when processing SVGA3D commands. A local attacker can trigger an off-by-one error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) Out-of-bounds read (CVE-ID: CVE-2020-3970)

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the Shader functionality. A local attacker can trigger out-of-bounds read error and cause a denial of service condition on the system.

4) Heap-based buffer overflow (CVE-ID: CVE-2020-3967)

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to a boundary error in EHCI controller. A local attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

5) Out-of-bounds write (CVE-ID: CVE-2020-3968)

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input in xHCI controller. A local attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

6) Race condition (CVE-ID: CVE-2020-3966)

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to a race condition in the USB 2.0 controller (EHCI). A local attacker can exploit the race, leading to heap-overflow and execute arbitrary code on the system.

Remediation

Install update from vendor's website.

References

• https://www.dell.com/support/kbdoc/en-us/000180936/dsa-2020-231-dell-emc-integrated-data-protection-appliance-security-update-for-multiple-third-party-component-vulnerabilities