McAfee – Hotfix Resolves Data Exchange Layer Vulnerabilities
Four vulnerabilities in Data Exchange Layer (DXL) have been discovered and resolved. Affected software: DXL Broker Platform 4.1.2 and earlier. The vulnerabilities are remediated in the following version: DXL Broker Platform 4.1.2 hotfix 1. For more information about the impact and the recommendations, see the Knowledge Base articles listed at the end of this notice.
- CVE-2018-5391 (CVSS: 7.5; Severity: High) Linux kernel versions 4.9+ can be forced to make expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet, which can lead to a denial of service.
- CVE-2018-15473 (CVSS: 5.3; Severity: Medium) OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
- CVE-2018-0737 (CVSS: 5.9; Severity: Medium) The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
- CVE-2018-5390 (CVSS: 7.5; Severity: High) Linux kernel versions 4.9+ can be forced to make expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet, which can lead to a denial of service.
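As an added triage helper (not part of McAfee's bulletin or any product), the following Python encodes the affected version ranges quoted above and flags inventory records that fall inside them. The version strings and the `triage` record layout are constructed assumptions for illustration.

```python
import re

# Affected ranges exactly as quoted in the bulletin text above.
OPENSSL_AFFECTED = [("1.0.2b", "1.0.2o"), ("1.1.0", "1.1.0h")]  # CVE-2018-0737
OPENSSH_LAST_AFFECTED = (7, 7)                                  # CVE-2018-15473 "through 7.7"
KERNEL_FIRST_AFFECTED = (4, 9)                                  # CVE-2018-5390/-5391 "4.9+"
DXL_FIXED = ((4, 1, 2), 1)                                      # DXL Broker 4.1.2 hotfix 1

def openssl_key(v):
    """'1.0.2o' -> (1, 0, 2, 'o'); a bare '1.1.0' sorts before '1.1.0a'."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)([a-z]*)", v.strip())
    if not m:
        raise ValueError(f"unrecognised OpenSSL version: {v!r}")
    return (int(m[1]), int(m[2]), int(m[3]), m[4])

def numeric_key(v, parts=2):
    """Leading numeric components: '4.15.0-29-generic' -> (4, 15); '7.7p1' -> (7, 7)."""
    nums = re.findall(r"\d+", v)
    if len(nums) < parts:
        raise ValueError(f"unrecognised version: {v!r}")
    return tuple(int(n) for n in nums[:parts])

def openssl_affected(v):
    k = openssl_key(v)
    return any(openssl_key(lo) <= k <= openssl_key(hi) for lo, hi in OPENSSL_AFFECTED)

def openssh_affected(v):
    return numeric_key(v) <= OPENSSH_LAST_AFFECTED

def kernel_affected(v):
    # The bulletin gives only a lower bound, and distribution kernels carry backported
    # fixes, so a hit means "check the vendor patch level", not "confirmed vulnerable".
    return numeric_key(v) >= KERNEL_FIRST_AFFECTED

def dxl_affected(version, hotfix=0):
    """True when the broker is 4.1.2 and earlier without hotfix 1 applied."""
    return (numeric_key(version, parts=3), hotfix) < DXL_FIXED

def triage(host):
    """host: {'openssl': str, 'openssh': str, 'kernel': str} (constructed record layout).
    Returns the CVE ids whose affected range the host's versions fall inside."""
    hits = []
    if openssl_affected(host["openssl"]):
        hits.append("CVE-2018-0737")
    if openssh_affected(host["openssh"]):
        hits.append("CVE-2018-15473")
    if kernel_affected(host["kernel"]):
        hits += ["CVE-2018-5390", "CVE-2018-5391"]
    return hits

if __name__ == "__main__":
    # Constructed sample inventory record, not real host data.
    sample = {"openssl": "1.0.2o", "openssh": "7.7p1", "kernel": "4.15.0-29-generic"}
    print(triage(sample), "DXL hotfix 1 needed:", dxl_affected("4.1.2", 0))
```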
McAfee recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant updates or hotfixes. For full instructions and information, see the following Knowledge Base articles:
- SB10266 – McAfee Security Bulletin – Data Exchange Layer update fixes three vulnerabilities (CVE-2018-5391, CVE-2018-15473, and CVE-2018-0737)
- SB10249 – McAfee Security Bulletin – Multiple McAfee product updates fix Linux kernel vulnerability “SegmentSmack” (CVE-2018-5390)