Lucene search

IBM95FB9ACE947388813BDFC2C764C4C569FAD138CF84A61E4757252E9DDB2F6243

HistoryJun 28, 2024 - 7:04 p.m.

Security Bulletin: PowerSC is vulnerable to security restrictions bypass and denial of service due to Curl

2024-06-2819:04:01

www.ibm.com

powersc

curl

vulnerability

bypass

denial of service

security restriction

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Summary

Vulnerabilities in Curl could allow a remote attacker to bypass security restrictions (CVE-2024-2466, CVE-2024-2004, CVE-2024-2379) or cause a denial of service (CVE-2024-2398). PowerSC uses Curl as part of PowerSC Trusted Network Connect (TNC).

Vulnerability Details

CVEID:CVE-2024-2466
**DESCRIPTION:**cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw when built to use mbedTLS. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass TLS certificate check.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/286431 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2024-2004
**DESCRIPTION:**cURL libcurl could allow a local attacker to bypass security restrictions, caused by a lfaw in the logic for removing protocols. By sending a specially crafted request, an attacker could exploit this vulnerability to use the disabled set of protocols.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/286427 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2024-2379
**DESCRIPTION:**cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw when wolfSSL library was built with the OPENSSL_COMPATIBLE_DEFAULTS symbol set. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass certificate verification for a QUIC connection.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/286429 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2024-2398
**DESCRIPTION:**cURL libcurl is vulnerable to a denial of service, caused by a memory leak when allowing HTTP/2 server push. By sending a specially crafted PUSH_PROMISE frames with an excessive amount of headers, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/286430 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Product(s)	Version(s)
PowerSC	1.3, 2.0, 2.1, 2.2

The vulnerabilities in the following filesets are being addressed:

Fileset	Lower Level	Upper Level
powerscStd.tnc_pm	1.3.0.4	2.2.0.2
curl-8.7.1-1.aix7.1.ppc.rpm	7.19.4	8.6.0

Note: To find out whether the affected PowerSC filesets are installed on your systems, refer to the lslpp command found in AIX user’s guide. To find out whether the affected curl filesets are installed on your systems, refer to the rpm command found in AIX user’s guide.

Example: lslpp -l | grep powerscStd

Example: rpm -qa | grep curl

Remediation/Fixes

FIXES

IBM strongly recommends addressing the vulnerability now.

Fixes are available.

The fixes can be downloaded via yum:

To install any dependencies along with the fix package:

yum update curl

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmpowerscMatch1.3

ibmpowerscMatch2.0

ibmpowerscMatch2.1

ibmpowerscMatch2.2

CPENameOperatorVersion
powersc standard editioneq1.3
powersc standard editioneq2.0
powersc standard editioneq2.1
powersc standard editioneq2.2

Name	Operator	Version
powersc standard edition	eq	1.3
powersc standard edition	eq	2.0
powersc standard edition	eq	2.1
powersc standard edition	eq	2.2