Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMC84B7BAE07D2EF444117182FA543C812AE289C17E576776D91F2E9100E8CF6BE
HistoryMar 29, 2023 - 1:48 a.m.

Security Bulletin: Vulnerability in Linux Kernel affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2016-5696)

2023-03-2901:48:02
www.ibm.com
63
vulnerability
linux kernel
san volume controller
storwize family
flashsystem v9000
cve-2016-5696
ibm
remote attacker
tcp stream
remediation
upgrade
mitigation

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

0.004 Low

EPSS

Percentile

75.1%

JSON

Summary

Vulnerability CVE-2016-5696 in the Linux kernel affects SAN Volume Controller, Storwize family and FlashSystem V9000 productsโ€™ IP interface.

Vulnerability Details

CVEID: CVE-2016-5696**
DESCRIPTION:** Linux Kernel could allow a remote attacker to obtain sensitive information, caused by the failure to properly determine the rate of challenge ACK segments by net/ipv4/tcp_input.c. An attacker could exploit this vulnerability using a blind in-window attack to inject or control the contents of a TCP stream in a connection between a Linux device and its connected client or server, making it easier to hijack TCP sessions.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116101 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

IBM SAN Volume Controller
IBM Storwize V7000
IBM Storwize V5000
IBM Storwize V3700
IBM Storwize V3500
IBM FlashSystem V9000

All products are affected when running supported releases 7.1 to 7.8. For unsupported versions of the above products, IBM recommends upgrading to a fixed, supported version of the product.

Remediation/Fixes

IBM recommends that you fix this vulnerability by upgrading affected versions of IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500 to the following code levels or higher:

7.6.1.7
7.7.1.6
7.8.0.2
7.8.1.0

Latest SAN Volume Controller Code
Latest Storwize V7000 Code
Latest Storwize V5000 Code
Latest Storwize V3700 Code
Latest Storwize V3500 Code

For IBM FlashSystem V9000, upgrade to the following code levels or higher:

7.6.1.7
7.7.1.6
7.8.0.2
7.8.1.0

Latest FlashSystem V9000 Code

Workarounds and Mitigations

Although IBM recommends that you install a level of code with a fix for this vulnerability, you can mitigate, although not eliminate, your risk until you have done so by ensuring that all users who have access to the system are authenticated by another security system such as a firewall.

Affected configurations

Vulners
Node
ibmstorwize_v7000Match6.1
OR
ibmstorwize_v7000Match6.2
OR
ibmstorwize_v7000Match6.3
OR
ibmstorwize_v7000Match6.4
OR
ibmstorwize_v7000Match7.1
OR
ibmstorwize_v7000Match7.2
OR
ibmstorwize_v7000Match7.3
OR
ibmstorwize_v7000Match7.4
OR
ibmstorwize_v7000Match7.5
OR
ibmstorwize_v7000Match7.6
OR
ibmstorwize_v7000Match7.6.1
OR
ibmstorwize_v7000Match7.7
OR
ibmstorwize_v7000Match7.7.1
OR
ibmstorwize_v7000Match7.8
OR
ibmstorwize_v7000Match7.8.1
OR
ibmstorwize_v3500Match6.4
OR
ibmstorwize_v3500Match7.1
OR
ibmstorwize_v3500Match7.2
OR
ibmstorwize_v3500Match7.3
OR
ibmstorwize_v3500Match7.4
OR
ibmstorwize_v3500Match7.5
OR
ibmstorwize_v3700Match6.4
OR
ibmstorwize_v3700Match7.1
OR
ibmstorwize_v3700Match7.2
OR
ibmstorwize_v3700Match7.3
OR
ibmstorwize_v3700Match7.4
OR
ibmstorwize_v3700Match7.5
OR
ibmstorwize_v5000Match7.1
OR
ibmstorwize_v5000Match7.2
OR
ibmstorwize_v5000Match7.3
OR
ibmstorwize_v5000Match7.4
OR
ibmstorwize_v5000Match7.5
OR
ibmsan_volume_controllerMatch6.1
OR
ibmsan_volume_controllerMatch6.2
OR
ibmsan_volume_controllerMatch6.3
OR
ibmsan_volume_controllerMatch6.4
OR
ibmsan_volume_controllerMatch7.1
OR
ibmsan_volume_controllerMatch7.2
OR
ibmsan_volume_controllerMatch7.3
OR
ibmsan_volume_controllerMatch7.4
OR
ibmsan_volume_controllerMatch7.5
OR
ibmflashsystem_v9000Match7.1
OR
ibmflashsystem_v9000Match7.2
OR
ibmflashsystem_v9000Match7.3
OR
ibmflashsystem_v9000Match7.4
OR
ibmflashsystem_v9000Match7.5

Related

nessus 46
oraclelinux 6
openvas 33
cvelist 1
veracode 1
archlinux 4
centos 2
redhatcve 1
ubuntucve 1
paloalto 1
f5 2
redhat 8
fortinet 1
debiancve 1
arista 1
thn 2
nvd 2
symantec 1
huawei 1
cve 2
prion 2
threatpost 1
ubuntu 8
fedora 2
debian 3
osv 2
amazon 1
ibm 1
mageia 3
suse 11
androidsecurity 1
lenovo 1
nessus
nessus
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3594)
2016-08-16 00:00:00
RHEL 6 : MRG (RHSA-2016:1631)
2016-08-19 00:00:00
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20160823)
2016-08-24 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2016-08-18 00:00:00
Unbreakable Enterprise kernel security update
2016-08-15 00:00:00
Unbreakable Enterprise kernel security update
2016-08-15 00:00:00
openvas
openvas
Sophos XG Firewall < 16.01.0 Multiple Vulnerabilities
2016-12-16 00:00:00
RedHat Update for kernel RHSA-2016:1664-01
2016-08-24 00:00:00
Palo Alto PAN-OS Kernel Vulnerability
2017-05-23 00:00:00
cvelist
cvelist
CVE-2016-5696
2016-08-06 20:00:00
veracode
veracode
TCP Session Hijack
2019-01-15 09:12:58
archlinux
archlinux
linux-zen: information disclosure
2016-08-17 00:00:00
linux: information disclosure
2016-08-14 00:00:00
linux-lts: information disclosure
2016-08-21 00:00:00
centos
centos
kernel, perf, python security update
2016-08-20 02:00:21
kernel, perf, python security update
2016-08-23 20:59:58
redhatcve
redhatcve
CVE-2016-5696
2016-07-12 08:48:22
ubuntucve
ubuntucve
CVE-2016-5696
2016-08-06 00:00:00
paloalto
paloalto
Kernel Vulnerability
2017-05-23 03:00:00
f5
f5
K46514822 : Linux TCP stack vulnerability CVE-2016-5696
2016-08-26 00:00:00
SOL46514822 - Linux TCP stack vulnerability CVE-2016-5696
2016-08-26 00:00:00
redhat
redhat
(RHSA-2016:1631) Important: realtime-kernel security and bug fix update
2016-08-18 15:32:31
(RHSA-2016:1632) Important: kernel-rt security and bug fix update
2016-08-18 15:33:21
(RHSA-2016:1633) Important: kernel security and bug fix update
2016-08-18 15:37:10
fortinet
fortinet
Linux kernel - challenge ack information leak
2017-04-04 00:00:00
debiancve
debiancve
CVE-2016-5696
2016-08-06 20:59:05
arista
arista
Security Advisory 0023
2016-08-15 00:00:00
thn
thn
Linux TCP Flaw allows Hackers to Hijack Internet Traffic and Inject Malware Remotely
2016-08-10 23:18:00
Internet Traffic Hijacking Linux Flaw Affects 80% of Android Devices
2016-08-16 01:31:00
nvd
nvd
CVE-2016-5696
2016-08-06 20:59:05
CVE-2016-5389
2016-07-13 16:59:00
symantec
symantec
SA131 : TCP Session Hijacking in Operating Systems Supporting RFC 5961
2016-09-14 08:00:00
huawei
huawei
Security Advisory - TCP Connection Hijack Vulnerability
2016-09-07 00:00:00
cve
cve
CVE-2016-5696
2016-08-06 20:59:05
CVE-2016-5389
2016-07-13 16:59:00
prion
prion
Design/Logic Flaw
2016-08-06 20:59:00
Design/Logic Flaw
2016-07-13 16:59:00
threatpost
threatpost
Serious TCP Bug in Linux Systems Allows Traffic Hijacking
2016-08-10 12:55:01
ubuntu
ubuntu
Linux kernel vulnerabilities
2016-08-29 00:00:00
Linux kernel (OMAP4) vulnerabilities
2016-08-29 00:00:00
Linux kernel vulnerabilities
2016-08-29 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: kernel-4.6.4-201.fc23
2016-07-19 22:24:43
[SECURITY] Fedora 24 Update: kernel-4.6.4-301.fc24
2016-07-20 00:27:07
debian
debian
[SECURITY] [DSA 3659-1] linux security update
2016-09-04 17:24:55
[SECURITY] [DSA 3659-1] linux security update
2016-09-04 17:24:55
[SECURITY] [DLA 609-1] linux security update
2016-09-03 11:53:47
osv
osv
linux - security update
2016-09-04 00:00:00
linux - security update
2016-09-03 00:00:00
amazon
amazon
Medium: kernel
2016-08-01 13:30:00
ibm
ibm
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-06-18 01:34:02
mageia
mageia
Updated kernel-tmb packages fix security vulnerabilities
2016-08-31 18:32:33
Updated kernel packages fix security vulnerability
2016-07-31 23:39:13
Update request kernel-linus-4.4.26-1 fixes security issues
2016-11-04 10:58:56
suse
suse
Security update for the Linux Kernel (important)
2016-12-09 18:11:19
Security update for the Linux Kernel (important)
2016-10-25 19:06:08
Security update for the Linux Kernel (important)
2016-11-25 17:07:36
androidsecurity
androidsecurity
Android Security Bulletinโ€”October 2016
2016-10-03 00:00:00
lenovo
lenovo
AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US
2020-04-13 19:22:04

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

0.004 Low

EPSS

Percentile

75.1%

JSON
Related for C84B7BAE07D2EF444117182FA543C812AE289C17E576776D91F2E9100E8CF6BE
nessus46oraclelinux6openvas33cvelist1veracode1archlinux4centos2redhatcve1ubuntucve1paloalto1f52redhat8fortinet1debiancve1arista1thn2nvd2symantec1huawei1cve2prion2threatpost1ubuntu8fedora2debian3osv2amazon1ibm1mageia3suse11androidsecurity1lenovo1