USN-3505-1: Linux firmware vulnerabilities

By: | December 14, 2017

Share

USN-3505-1: Linux firmware vulnerabilities

Severity

High

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 14.04

Description

Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13080CVE-2017-13081)

Affected Cloud Foundry Products and Versions

Severity is high unless otherwise noted.

  • Cloud Foundry BOSH stemcells are vulnerable, including:
    • 3421.x versions prior to 3421.34
    • 3445.x versions prior to 3445.19
    • 3468.x versions prior to 3468.13
    • All other stemcells not listed.

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

  • The Cloud Foundry project recommends upgrading the following BOSH stemcells:
    • Upgrade 3421.x versions prior to 3421.34
    • Upgrade 3445.x versions prior to 3445.19
    • Upgrade 3468.x versions prior to 3468.13
    • All other stemcells should be upgraded to the latest version available on bosh.io.

References

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES