Security Bulletin: PowerVC installation on RHEL is vulnerable to MariaDB with CVE-2021-27928

Summary

Summary guidance: A remote code execution issue was discovered in MariaDB in the version PowerVC ships. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd.

Vulnerability Details

CVEID:CVE-2021-27928
**DESCRIPTION:**MariaDB could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation. By sending specially-crafted input using the wsrep_provider and wsrep_notify_cmd parameters, an attacker could exploit this vulnerability to execute arbitrary OS commands on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/198521 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

2.0.2

2.0.2.1

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by upgrading the MariaDB package to the ifix shipped version.

Product(s)|Version|APAR|
—|—|—|—
IBM PowerVC| 2.0.2| IT40495|
IBM PowerVC| 2.0.2.1| IT40495|

Workarounds and Mitigations

NA