-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.3346
        Security Bulletin: IBM QRadar Network Security is affected
                  by multiple vulnerabilities in kernel.
                                8 July 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM QRadar Network Security
Publisher:         IBM
Operating System:  Linux variants
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-33909 CVE-2021-33034 CVE-2021-33033
                   CVE-2021-28950 CVE-2021-27365 CVE-2021-27364
                   CVE-2021-27363 CVE-2021-3715 CVE-2020-36385
                   CVE-2020-36322 CVE-2020-25704 CVE-2020-12826
                   CVE-2020-12770 CVE-2020-11565 CVE-2020-10751
                   CVE-2020-10742 CVE-2020-10732 CVE-2020-9383
                   CVE-2020-8647 CVE-2020-1749 CVE-2019-20934
                   CVE-2019-20636 CVE-2019-20054 CVE-2019-19767
                   CVE-2019-19537 CVE-2019-19534 CVE-2019-19524
                   CVE-2019-19523 CVE-2019-19447 CVE-2019-19332
                   CVE-2019-19063 CVE-2019-19062 CVE-2019-19058
                   CVE-2019-18808 CVE-2019-17055 CVE-2019-17053
                   CVE-2019-16994 CVE-2019-16233 CVE-2019-16231
                   CVE-2019-15807 CVE-2019-12614 CVE-2019-9454
                   CVE-2018-20836 CVE-2017-18551 

Original Bulletin: 
   https://www.ibm.com/support/pages/node/6601949

Comment: CVSS (Max):  8.4 CVE-2021-33909 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: IBM
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Document Information

Document number    : 6601949
Modified date      : 07 July 2022
Product            : IBM QRadar Network Security
Software version   : 5.4.0, 5.5.0
Operating system(s): Firmware

Summary

IBM QRadar Network Security has addressed following vulnerabilities.

Vulnerability Details

CVEID: CVE-2017-18551
DESCRIPTION: Linux kernel is vulnerable to a buffer overflow, caused by a
missing bounds check in drivers/i2c/i2c-core-smbus.c. An attacker could
overflow an array and perform unspecified actions.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
169650 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2018-20836
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/
libsas/sas_expander.c. A local attacker could exploit this vulnerability to
cause the system to crash.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
161631 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2019-12614
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
NULL pointer dereference in the dlpar_parse_cc_property function in arch/
powerpc/platforms/pseries/dlpar.c. By sending a specially-crafted request, a
local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
162121 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-15807
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
memory leak in sas_expander.c when SAS expander discovery fails. By sending a
specially-crafted request, a remote attacker could exploit this vulnerability
to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
166306 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-16231
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
NULL pointer dereference in drivers/net/fjes/fjes_main.c. By sending a
specially-crafted request, a remote attacker could exploit this vulnerability
to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
166961 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-16233
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
NULL pointer dereference in drivers/scsi/qla2xxx/qla_os.c. By sending a
specially-crafted request, a remote attacker could exploit this vulnerability
to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
166945 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-16994
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
memory leak in the sit_init_net function in net/ipv6/sit.c. By sending a
specially-crafted request, a local attacker could exploit this vulnerability to
cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
168245 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-17053
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to bypass
security restrictions, caused by not enforcing CAP_NET_RAW in the
ieee802154_create function in net/ieee802154/socket.c in the AF_IEEE802154
network module. By sending a specially-crafted request, an attacker could
exploit this vulnerability to create a raw socket.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
168360 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2019-17055
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to bypass
security restrictions, caused by not enforcing CAP_NET_RAW in the
base_sock_create function in drivers/isdn/mISDN/socket.c in the AF_ISDN network
module. By sending a specially-crafted request, an attacker could exploit this
vulnerability to create a raw socket.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
168362 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2019-18808
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
memory leak in the ccp_run_sha_cmd function in drivers/crypto/ccp/ccp-ops.c. By
sending a specially-crafted request, a remote attacker could exploit this
vulnerability to consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
171181 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-19058
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/
iwlwifi/fw/dbg.c. A remote attacker could exploit this vulnerability to consume
all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
171766 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-19062
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
memory leak in the crypto_report() function in crypto/crypto_user_base.c. A
remote attacker could exploit this vulnerability to consume all available
memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
171776 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-19063
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by
multiple memory leaks in the rtl_usb_probe() function in drivers/net/wireless/
realtek/rtlwifi/usb.c. A remote attacker could exploit this vulnerability to
consume all available memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
171775 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-19332
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an
out-of-bounds memory write in KVM hypervisor. By sending a specially crafted
request, a local authenticated attacker could exploit this vulnerability to
cause the application to crash.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
173143 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-19447
DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary
code on the system, caused by a use-after-free flaw in the ext4_put_super
function in fs/ext4/super.c. By using a specially-crafted image file, an
attacker could exploit this vulnerability to execute arbitrary code or cause a
denial of service condition on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
172760 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2019-19523
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
use-after-free condition in drivers/usb/misc/adutux.c. By connecting a
specially-crafted USB device, an attacker could exploit this vulnerability to
cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
172520 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-19524
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
use-after-free condition in drivers/input/ff-memless.c. By connecting a
specially-crafted USB device, an attacker could exploit this vulnerability to
cause a kernel panic.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
172521 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-19534
DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive
information, caused by missing memory initialization in drivers/net/can/usb/
peak_usb/pcan_usb_core.c. By connecting a specially-crafted USB device, an
attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 2.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
172530 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2019-19537
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
race condition in drivers/usb/core/file.c. By connecting a specially-crafted
USB device, an attacker could exploit this vulnerability to cause the system to
stop responding.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
172608 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-19767
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
use-after-free in the __ext4_expand_extra_isize and ext4_xattr_set_entry
functions in fs/ext4/inode.c and fs/ext4/super.c. By sending a
specially-crafted request, a local attacker could exploit this vulnerability to
cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
173054 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-20054
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c. By
sending a specially crafted request, a local attacker could exploit this
vulnerability to cause the application to crash.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
173738 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2019-20636
DESCRIPTION: Linux Linux could allow a local attacker to execute arbitrary code
on the system, caused by an out-of-bounds write flaw in the input_set_keycode
function. By using a specially-crafted keycode table, an attacker could exploit
this vulnerability to execute arbitrary code or cause a denial of service
condition on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
181202 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2019-20934
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
use-after-free in the show_numa_stats function. By sending a specially-crafted
request, a local attacker could exploit this vulnerability to cause a denial of
service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
165068 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-9454
DESCRIPTION: Google Android could allow a local authenticated attacker to gain
elevated privileges on the system, caused by a memory corruption in the i2c
driver. An attacker could exploit this vulnerability to escalate privileges.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
166734 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2020-10732
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain
sensitive information, caused by a flaw in the implementation of Userspace core
dumps. By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information or cause a program to crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
181554 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2020-10742
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
stack-based buffer overflow during Direct IO write. A local authenticated
attacker could exploit this vulnerability using a reach out of the index after
one memory allocation by kmalloc to cause the NFS client to crash.
CVSS Base score: 6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
185376 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H)

CVEID: CVE-2020-10751
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to bypass
security restrictions, caused by a flaw with improper validation of first
netlink message by the SELinux LSM hook implementation. By sending a
specially-crafted request, an attacker could exploit this vulnerability to
allow or deny the rest of the netlink messages within the skb with the granted
permission without further processing.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
182451 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N)

CVEID: CVE-2020-11565
DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary
code on the system, caused by a stack-based out-of-bounds write flaw in the
mpol_parse_str function in mm/mempolicy.c. By sending a specially-crafted
request, an attacker could exploit this vulnerability to execute arbitrary code
or cause a denial of service condition on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
179100 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2020-12770
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an
issue with sg_write lacks an sg_remove_request call in a certain failure case.
By sending a specially-crafted request, a local attacker could exploit this
vulnerability to cause a panic.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
181750 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2020-12826
DESCRIPTION: Linux Kernel could allow a local attacker to bypass security
restrictions, caused by a signal access-control issue in exec_id in include/
linux/sched.h. By sending a specially-crafted request, an attacker could
exploit this vulnerability to bypass checks to send any signal to a privileged
process.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
182113 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2020-1749
DESCRIPTION: Linux Kernel could allow a remote attacker to obtain sensitive
information, caused by an error in the implementation of some ipv6 protocols in
encrypted Ipsec tunnels. By using man-in-the-middle attack techniques, an
attacker could exploit this vulnerability to read the traffic unencrypted.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
181872 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2020-25704
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
memory leak in the perf_event_parse_addr_filter function. By executing a
specially-crafted program, a local attacker could exploit this vulnerability to
exhaust available memory on the system.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
191348 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2020-36322
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
flaw in the fuse_do_getattr function in the FUSE filesystem implementation in .
By sending a specially-crafted request, a local attacker could exploit this
vulnerability to cause the system to crash.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
200230 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2020-36385
DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary
code on the system, caused by a use-after-free flaw in drivers/infiniband/core/
ucma.c. By sending a specially-crafted request, an attacker could exploit this
vulnerability to execute arbitrary code or cause a denial of service condition
on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
203845 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2020-8647
DESCRIPTION: Linux kernel could allow a remote attacker to obtain sensitive
information, caused by a use-after-free in the vc_do_resize function of drivers
/tty/vt/vt.c. An attacker could exploit this vulnerability to read memory that
should not be available for access.
CVSS Base score: 4.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
175842 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)

CVEID: CVE-2020-9383
DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive
information, caused by an out-of-bounds read flaw in the set_fdc function in
drivers/block/floppy.c. By sending a specially-crafted request, an attacker
could exploit this vulnerability to obtain sensitive information or cause a
denial of service condition.
CVSS Base score: 7.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
176792 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)

CVEID: CVE-2021-27363
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain
sensitive information, caused by a kernel pointer leak when
show_transport_handle function in drivers/scsi/scsi_transport_iscsi.c is
called. By sending a specially-crafted request, an attacker could exploit this
vulnerability to obtain the address of the iscsi_transport structure
information, and use this information to launch further attacks against the
affected system.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
197857 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2021-27364
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to execute
arbitrary commands on the system, caused by a flaw in the iscsi_if_recv_msg
function in drivers/scsi/scsi_transport_iscsi.c. By sending specially-crafted
Netlink messages, an attacker could exploit this vulnerability to connect to
the iscsi NETLINK socket and send arbitrary commands to the kernel.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
197858 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2021-27365
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain
sensitive information, caused by an issue when certain iSCSI data structures do
not have appropriate length constraints or checks, and can exceed the PAGE_SIZE
value. By sending a specially-crafted Netlink message, an attacker could
exploit this vulnerability to obtain memory information, and use this
information to launch further attacks against the affected system.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
197859 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2021-33033
DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary
code on the system, caused by a use-after-free flaw in the cipso_v4_genopt
function in net/ipv4/cipso_ipv4.c. By sending a specially-crafted request, an
attacker could exploit this vulnerability to execute arbitrary code or cause a
denial of service condition on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
203148 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2021-33034
DESCRIPTION: Linux Kernel could allow a local attacker to execute arbitrary
code on the system, caused by a use-after-free flaw when destroying an hci_chan
in net/bluetooth/hci_event.c. By sending a specially-crafted request, an
attacker could exploit this vulnerability to execute arbitrary code or cause a
denial of service condition on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
203149 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2021-33909
DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated
privileges on the system, caused by an out-of-bounds write in fs/seq_file.c. By
sending a specially-crafted request, an attacker could exploit this
vulnerability to escalate privileges to root.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
205906 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2021-3715
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to gain
elevated privileges on the system, caused by a use-after-free in route4_change
() in net/sched/cls_route.c. By sending a specially-crafted request, an
attacker could exploit this vulnerability to escalate privileges.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
208836 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM QRadar Network Security 5.4.0

IBM QRadar Network Security 5.5.0

Remediation/Fixes

+------------+-----+----------------------------------------------------------+
|Product     |VRMF |Remediation/First Fix                                     |
+------------+-----+----------------------------------------------------------+
|            |     |Install Firmware 5.4.0.16 from the Available Updates page |
|            |     |of the Local Management Interface, or by performing a One |
|            |     |Time Scheduled Installation from SiteProtector.           |
|            |     |Or                                                        |
|IBM QRadar  |     |Download Firmware 5.4.0.16 from IBM Security License Key  |
|Network     |     |and Download Center and upload and install via the        |
|Security    |5.4.0|Available Updates page of the Local Management Interface. |
+------------+-----+----------------------------------------------------------+
|            |     |Install Firmware 5.5.0.11 from the Available Updates page |
|            |     |of the Local Management Interface, or by performing a One |
|            |     |Time Scheduled Installation from SiteProtector.           |
|            |     |Or                                                        |
|IBM QRadar  |     |Download Firmware 5.5.0.11 from IBM Security License Key  |
|Network     |     |and Download Center and upload and install via the        |
|Security    |5.5.0|Available Updates page of the Local Management Interface. |
+------------+-----+----------------------------------------------------------+

Workarounds and Mitigations

None

Change History

14 Jul 2022: Initial Publication

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYsfMDskNZI30y1K9AQhJPw/+Jv8ETkPQrRTfyfD6qWyW/GoyAAi5eYMu
YlU1JiNhpbhVH2pMjaOk+fmDhA2ZCtnPZqGobG52z0FXznNA4qB2O9CryNb40oXI
ObJtGT7diuBp0Yu77MeAe7nOoPnaLUf30RzC6/PgvXnSW0e1fyNvWe7dlrD/Db4Q
RupBx57PIFx94C78KVCE/nZaa+xbYdEMAdXUvxClLQ9juGDtgEdZvV3WYxXM/Jw7
txrOLwIiz3MaEzKw2kwCelvc+njs8pyM7IpxxGPGdYPfjjPv25XEEXz30bxC7rN8
LCu0jfyBn4CzmqEV2k2tNypQDWMdQoQTrdXkogvsVE3PTdrUX4OgePS0gtVvUbNs
xiLvoLi50OD1EnaGfpXTSK9W+T6gZeauA4tAzzYje9l85Jxz4EbSYf+DURReqD2l
MPPLCKKYYoptHmIPlGV4ajyxXZNECO4KOJqMxMz4+lEQiTpK3x+Uo5wRvnydd29H
f4K/aPFqmUBrJcqR3LlHEeKF/sOpLJazt89uP/Pcu/aoaqchvuihVyE91vVAiKKd
xmA2kyjpsnRxlBN1IBCkMzFXFFB/H09N1nk4Nz+VGB+Hi+d4+q9Ddm36pDxzVD9g
wJ+wFwnXSSUPZ9bTV04HcYSE17n+IaDR2/CuwTx6g0jWz9kTdgGklo4MTG6Dlzx+
WiK9zkxvPMU=
=JlOA
-----END PGP SIGNATURE-----