Brocade Fabric OS (9.x Release) Vulnerability Disclosures
25000
27 September 2024
27 September 2024
OPEN
LOW
Varies
Multiple
Brocade Security Advisories posted and/or updated on July 30, 2024
CVEs addressed in FOS versions 9.1.1d2, 9.2.0b1, and 9.2.1
CVE-2023-29469, CVE-2023-28484, CVE-2022-40304, CVE-2022-40303, CVE-2021-3541, CVE-2021-3537, CVE-2021-3518, CVE-2021-3517, CVE-2020-24977
Multiple Vulnerabilities within libxml2
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24612
CVE-2022-23990, CVE-2022-22825, CVE-2021-46143, CVE-2019-15903, CVE-2018-20843
Multiple Vulnerabilities within libexpat
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24611
==================================================
Previously disclosed Brocade Security Advisories
CVEs addressed in FOS versions 9.1.1d, 9.2.0b and 9.2.1
CVE-2024-29954
password management API prints sensitive information in log files
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23226
CVE-2024-29953
Encoded session passwords on session storage for Virtual Fabric platforms
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23227
CVE-2023-26555, CVE-2023-26554, CVE-2023-26553, CVE-2023-26552, CVE-2023-26551
Multiple NTP vulnerabilities resolved
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23228
CVE-2023-3817
Excessive time spent checking DH q parameter value
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23230
CVE-2023-3446
Excessive time spent checking DH keys and parameters
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23231
CVE-2023-2650
Possible DoS translating ASN.1 object identifiers
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23233
CVE-2023-0466, CVE-2023-0465
OpenSSL Security Advisory [28th March 2023]
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23234
CVE-2019-6109
Missing character encoding in progress display allows for spoofing of scp client output
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23229
CVEs addressed in FOS versions 9.2.0b and 9.2.1
CVE-2023-2975
AES-SIV implementation ignores empty associated data entries
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23232
CVE-2023-0464
Excessive Resource Usage Verifying X.509 Policy Constraints
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23235
CVEs addressed in FOS versions 9.2.0 and 9.2.1
CVE-2022-25313
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22400
CVE-2023-31928
XSS vulnerability in Brocade Webtools
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22390
CVE-2022-29154
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22393
CVE-2022-2097
AES OCB fails to encrypt some bytes
(PSIRT Risk: Medium) -- Only impacts Brocade G730 platform
https://support.broadcom.com/external/content/SecurityAdvisories/0/22394
CVE-2021-20193
This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22401
CVE-2018-14348
libcgroup up to and including 0.41 creates file with mode 0666 regardless of the configured umask, leading to disclosure of information
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22404
CVE-2014-2524
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22399
CVE-2012-0060
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22398
CVE-2011-4917
Information disclosure in Linux kernels through 3.1
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22395
CVE-2022-28615
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22355
CVE-2022-28614
The ap_rwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22354
CVE-2022-2068
openssl file names of certificates being hashed were possibly passed to a command executed through the shell
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22396
CVE-2022-0322
A flaw was found in the sctp_make_strreset_req function in net sctp sm_make_chunk.c
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22356
CVE-2021-4154
use-after-free flaw found in cgroup1_parse_param (possible denial of service)
(PSIRT Risk:Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22344
CVE-2020-15861
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22397
CVE-2018-25032
Zlib memory corruption when deflating (i.e. when compressing)
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22342
CVEs addressed in FOS versions 9.1.1d, 9.2.0a and 9.2.1
CVE-2023-4163
Possible buffer overflow in portcfgfportbuffers in Brocade Fabric OS
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22514
CVE-2023-4162
Segmentation fault in Brocade Fabric OS after Brocade Fabric OS v9.0
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22513
CVEs addressed in FOS versions 9.1.1d1, 9.2.0 and 9.2.1
CVE-2023-3454
Remote code execution (RCE) vulnerability in Brocade Fabric OS
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/23215
CVEs addressed in FOS versions 9.1.1d, 9.2.0 and 9.2.1
CVE-2022-25236
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22402
CVE-2022-25235
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22403
CVEs addressed in FOS versions 9.1.1c, 9.2.0 and 9.2.1
CVE-2023-31926
Arbitrary File Overwrite using less command
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22388
CVE-2023-31432
Privilege issues in multiple commands (portcfgupload, configupload, license, myid)
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22385
CVE-2023-31427
Local user with knowledge of full path names inside Brocade Fabric OS to execute any command regardless of assigned privilege
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22379
CVE-2023-31426
The Brocade Fabric OS Commands “configupload” and “configdownload” before Brocade Fabric OS v9.1.1c, v8.2.3d, v9.2.0 print scp, sftp, ftp servers passwords in supportsave
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22377
CVE-2023-31927
An information disclosure in the web interface of Brocade Fabric OS
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22389
CVE-2023-31431
A buffer overflow vulnerability in “diagstatus” command
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22384
CVE-2023-31430
buffer overflow vulnerability in “secpolicydelete” command
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22381
CVE-2023-31429
Vulnerability in multiple CLI commands (chassisdistribute, reboot, rasman, errmoduleshow, errfilterset, chassiscfgperrthreshold, supportshowcfgdisable, supportshowcfgenable)
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22408
CVE-2023-31428
CLI allows upload or transfer files of dangerous types
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22380
CVE-2022-44792
Potential Denial of Service exploit in Net-SNMP
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22343
CVE-2022-23219
GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22350
CVE-2021-45486
net ipv4 route.c has an information leak because the hash table is very small
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22352
CVE-2021-45485
net ipv6 output_core.c has an information leak because of certain use of a hash
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22351
CVE-2021-3800
Flaw in glib could leak content from files owned by privileged users to unprivileged ones
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22348
CVE-2021-0146
Hardware allows activation of test or debug logic
(PSIRT Risk: Medium) -- Only impacts Brocade G730 platform
https://support.broadcom.com/external/content/SecurityAdvisories/0/22353
CVE-2020-36558
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22392
CVE-2020-36557
Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing opening of ttys could lead to a use-after-free
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22378
CVE-2020-14145
The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22345
CVE-2018-7738
Potential privilege escalation by embedding shell commands in a mountpoint name
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22341
CVE-2022-24448
nfs_atomic_open() performs a regular lookup
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22349
CVEs addressed in FOS versions 9.1.1, 9.2.0 and 9.2.1
CVE-2023-31425
Privilege escalation via the fosexec command
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22407
CVE-2021-41617
A flaw in OpenSSH helper programs could lead to local privilege escalation
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22340
CVE-2022-0778
Infinite loop in BN_mod_sqrt() reachable when parsing certificates
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/21226
Revision History
|
Version |
Change |
Date |
|
1.0 |
Initial Publication |
September 26, 2024 |
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.