Information disclosure in Dell EMC Isilon OneFS

Published: 2022-11-04

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2019-5601
CWE-ID	CWE-200
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	EMC Isilon OneFS Client/Desktop applications / Software for system administration
Vendor	Dell

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Information disclosure

EUVDB-ID: #VU35767

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-5601

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to gain access to sensitive information.

In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEASE-p7, 11.2-STABLE before r347475, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the FFS implementation causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EMC Isilon OneFS: before 8.2.1

CPE2.3

cpe:2.3:a:dell:emc_isilon_onefs:*:*:*:*:*:*:*:*

External links

https://www.dell.com/support/kbdoc/en-us/000153864/dsa-2019-150-dell-emc-isilon-onefs-security-update-for-unix-file-system-ufs-and-fast-file-system-ffs-kernel-component-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.