Bug 31759

Summary: ipmitool new security issue CVE-2020-5208
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: andrewsfarm, davidwhodgins, marja11, nicolas.salguero, sysadmin-bugs, tarazed25
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: ipmitool-1.8.18-7.mga8.src.rpm CVE: CVE-2020-5208
Status comment:

Description David Walser 2023-04-05 02:22:34 CEST 
Ubuntu has issued an advisory today (April 4):
https://ubuntu.com/security/notices/USN-5997-1

The issue is fixed upstream in 1.8.19.

Mageia 8 is also affected.
David Walser 2023-04-05 02:22:44 CEST

Status comment: (none) => Fixed upstream in 1.8.19
Whiteboard: (none) => MGA8TOO

Comment 1 Marja Van Waes 2023-04-05 17:53:36 CEST 
Assigning to our registered ipmitool maintainer.

Assignee: bugsquad => makowski.mageia
CC: (none) => marja11

Comment 2 David Walser 2023-04-05 17:55:56 CEST 
Phillipe isn't currently active with packaging.

Assignee: makowski.mageia => pkg-bugs

Comment 3 Nicolas Salguero 2023-04-06 09:49:06 CEST 
Suggested advisory:
========================

The updated package fixes a security vulnerability:

It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19. (CVE-2020-5208)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5208
https://ubuntu.com/security/notices/USN-5997-1
========================

Updated package in core/updates_testing:
========================
ipmitool-1.8.18-7.1.mga8

from SRPM:
ipmitool-1.8.18-7.1.mga8.src.rpm

Assignee: pkg-bugs => qa-bugs
CC: (none) => nicolas.salguero
Status comment: Fixed upstream in 1.8.19 => (none)
Version: Cauldron => 8
Source RPM: ipmitool-1.8.18-9.mga9.src.rpm => ipmitool-1.8.18-7.mga8.src.rpm
CVE: (none) => CVE-2020-5208
Whiteboard: MGA8TOO => (none)
Status: NEW => ASSIGNED

Comment 4 Len Lawrence 2023-04-09 17:12:52 CEST 
mga8, x64
Earlier attempts to treat this (bug 26218) failed for the lack of an Intelligent Platform Management Interface.  There might be such a device on other machines here.  Shall have a look later.  Such a thing should be apparent in the BIOS I would have thought.

CC: (none) => tarazed25

Comment 5 Len Lawrence 2023-04-09 20:29:00 CEST 
Found no IPMI devices so far.  Going for a clean install.

$ rpm -q ipmitool
ipmitool-1.8.18-7.1.mga8

# chkconfig ipmi on
systemd

$ ipmitool mc info
Could not open device at /dev/ipmi0 or /dev/ipmi/0 or /dev/ipmidev/0: No such file or directory

Whiteboard: (none) => MGA8-64-OK

Comment 6 Thomas Andrews 2023-04-09 23:13:32 CEST 
In my line of work "IPM" stands for "Integrated Pest Management." Realizing that doesn't apply here, I read the Wikipedia article on IPMI. What little I understood didn't sound like hardware that anyone in QA is likely to have, so I agree with Len on the clean install.

Validating. Advisory in comment 3.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2023-04-11 00:46:59 CEST

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 7 Mageia Robot 2023-04-11 21:03:53 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0135.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED