Support Content Notification - Support Portal

Brocade ASCG Vulnerability Disclosures

Product/Component

Brocade Support Link

0 more products

Notification Id

24998

Last Updated

13 March 2025

Initial Publication Date

08 January 2025

Status

OPEN

Severity

HIGH

CVSS Base Score

Varies

WorkAround

Affected CVE

Multiple

Brocade Security Advisories posted on March 7, 2025

CVE addressed in ASCG 3.1.0

CVE-2024-25062
Use-after-free in xmlValidatePopElement() using XMLReader API
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25486

=====================================

Brocade Security Advisories posted on February 27, 2025

CVEs addressed in ASCG 3.2.0

CVE-2024-1509
Brocade ASCG 3.2.0 web interface does not enforce HSTS, as defined by RFC 6797 for ports 8030 and 8100
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25428

Rocky Linux Kernel update in Brocade ASCG 3.2.0 for RLSA-2024:4211, RLSA-2024:5101, RLSA-2024:8856
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25429

CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25430

CVE-2024-25629
c-ares Vulnerable to Memory Corruption via Out-of-Bounds Read in ‘ares__read_line’ function
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25431

CVE-2024-32487
less Vulnerable to Arbitrary Code Execution via OS Command Execution via newline Character in Filename
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25432

=============================

Modified Brocade Security Advisories

CVE-2024-29018
By registering a domain for which they control the authoritative nameservers, an attacker could arrange for a compromised container
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25073

=====================================

Brocade Security Advisories posted on February 13, 2025

CVEs addressed in ASCG 3.0.0

CVE-2022-38178
ISC BIND 9 Vulnerable to Denial-of-Service (DoS) via Memory Leaks in EdDSA DNSSEC Verification
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25408

CVE-2022-48174
Stack overflow vulnerability in ash.c:6030 in busybox before 1.35 can be executed from command to arbitrary code execution.
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25414

CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25415

==========================================

Brocade Security Advisories posted/updated on January 7, 2025

CVEs addressed in ASCG 3.1.0

CVE-2023-51385
OpenSSH is vulnerable to an OS command injection issue due to how user name and host name values are processed and referenced by expansion tokens.
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25238

==================================================

Previously disclosed Brocade Security Advisories

CVEs addressed in ASCG 3.1.0

CVE-2022-48624
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24994

CVE-2023-7104
SQLite Vulnerable to Out-of-Bounds Memory Access via Insufficient Input Validation in 'sessionReadRecord' Function of 'Sessions' Extension
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24996

CVE-2023-5981, CVE-2023-27043, CVE-2023-51385, CVE-2023-48795, CVE-2021-35939, CVE-2021-35937, CVE-2021-35938, CVE-2023-48795, CVE-2021-41043, CVE-2020-28241, CVE-2023-28322, CVE-2023-46218, CVE-2023-38546, CVE-2024-28834, CVE-2024-22365, CVE-2023-6004, CVE-2023-6918, CVE-2023-46316, CVE-2022-4645, CVE-2023-6135, CVE-2023-43804, CVE-2023-5678
Multiple CVEs identified by vulnerability scanning tools addressed via Brocade ASCG v3.1.0
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24891

CVE-2024-23653, CVE-2024-21626
Container vulnerabilities in ASCG docker containers
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25074

CVE-2024-1086
A use-after-free vulnerability exists in the Linux kernel's netfilter: nf_tables component
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24989

CVE-2024-4603
Checking excessively long DSA keys or parameters may be very slow
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24990

CVE-2023-6237
OpenSSL is vulnerable to a denial of service, caused by a flaw in the handling of RSA public keys by the EVP_PKEY_public_check() function
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24991

CVE-2023-6129
The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24992

CVEs addressed in ASCG 3.0.0a

CVE-2014-8730, CVE-2015-3642, CVE-2022-4285, CVE-2023-34058, CVE-2023-34059, CVE-2023-29406, CVE-2023-4016, CVE-2023-1981, CVE-2020-22217, CVE-2023-3113
Multiple CVEs identified by vulnerability scanning tools in Brocade ASCG
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24410

CVEs addressed in ASCG 3.0.0

CVE-2023-29469, CVE-2023-28484, CVE-2022-40304, CVE-2022-40303, CVE-2021-3541, CVE-2021-3537, CVE-2021-3518, CVE-2021-3517, CVE-2020-24977
Multiple Vulnerabilities within libxml2
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24612

CVE-2023-52160
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24987

CVE-2022-1304
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24995

CVE-2023-32233
A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22705

CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpensSH before 9.3p2 has an insuffciently trustworthy search path, leading to remote code execution
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22721

CVE-2023-29491
A vulnerability was found in ncurses and occurs when used by a setuid application
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22702

CVE-2023-20900, CVE-2023-35001, CVE-2023-4004, CVE-2023-3390, CVE-2023-3776, CVE-2023-3090, CVE-2023-35788, CVE-2023-20593, CVE-2023-2002
Rocky Linux Security Updates RLSA-2023:5312 and RSLA-2023:5244
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22784

CVE-2023-5649
An improper Input Validation vulnerability for the registered case credentials
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22716

CVE-2023-5648
Several security-related HTTP headers were missing
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22715

CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22718

CVE-2021-45485
net ipv6 output_core.c has an information leak because of certain use of hash
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22351

CVE-2021-45486
net ipv4 route.c has an information leak because the hash table is very small
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22352

CVE-2021-3800
Flaw in glib could leak content from files owned by privileged users to unpriviledged ones
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22348

CVE-2021-3421
flaw in the RPM package in the read functionality
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22771

CVE-2020-14145
The client side in OpenSSH 5.7 through 8.3 has an observable discrepancy leading to an information leak in the algorithm negotiation
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22345

CVE-2020-13776
A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22703

CVE-2019-11254
YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22717

CVE-2015-4042
Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22719

CVE-2022-44793
Null pointer exception bug that can be used by a remote attacker
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22770

CVE-2022-35252
Curl is vulnerable to a denial-of-service (Dos) issue
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22783

CVE-2020-15778
command injection in scp.c
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22769

CVE-2020-12655
A flaw was discovered in the XFS source in the Linux kernel
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22704

CVE-2018-25032
Zlib memory corruption when deflating
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22342

CVE-2014-9471
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22720

Revision History

Version	Change	Date
1.0	Initial Publication	January 7, 2025
1.1	Updated with CVE-2022-38178, CVE-2022-48174, CVE-2022-28391	February 13, 2025
2.0	Security updates posted with ASCG 3.2.0	February 27, 2025
2.1	Added low risk CVE-2024-25062	March 7, 2025

Disclaimer

THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.