Bug 31759 - ipmitool new security issue CVE-2020-5208
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2023-04-05 02:22 CEST by David Walser
Modified: 2023-04-11 21:03 CEST
6 users

See Also:
Source RPM: ipmitool-1.8.18-7.mga8.src.rpm
CVE: CVE-2020-5208
Status comment:


Description David Walser 2023-04-05 02:22:34 CEST
Ubuntu has issued an advisory today (April 4):
https://ubuntu.com/security/notices/USN-5997-1

The issue is fixed upstream in 1.8.19.

Mageia 8 is also affected.
David Walser 2023-04-05 02:22:44 CEST

Status comment: (none) => Fixed upstream in 1.8.19
Whiteboard: (none) => MGA8TOO

Comment 1 Marja Van Waes 2023-04-05 17:53:36 CEST
Assigning to our registered ipmitool maintainer.

Assignee: bugsquad => makowski.mageia
CC: (none) => marja11

Comment 2 David Walser 2023-04-05 17:55:56 CEST
Phillipe isn't currently active with packaging.

Assignee: makowski.mageia => pkg-bugs

Comment 3 Nicolas Salguero 2023-04-06 09:49:06 CEST
Suggested advisory:
========================

The updated package fixes a security vulnerability:

It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19. (CVE-2020-5208)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5208
https://ubuntu.com/security/notices/USN-5997-1
========================

Updated package in core/updates_testing:
========================
ipmitool-1.8.18-7.1.mga8

from SRPM:
ipmitool-1.8.18-7.1.mga8.src.rpm

Assignee: pkg-bugs => qa-bugs
CC: (none) => nicolas.salguero
Status comment: Fixed upstream in 1.8.19 => (none)
Version: Cauldron => 8
Source RPM: ipmitool-1.8.18-9.mga9.src.rpm => ipmitool-1.8.18-7.mga8.src.rpm
CVE: (none) => CVE-2020-5208
Whiteboard: MGA8TOO => (none)
Status: NEW => ASSIGNED

Comment 4 Len Lawrence 2023-04-09 17:12:52 CEST
mga8, x64
Earlier attempts to treat this (bug 26218) failed for the lack of an Intelligent Platform Management Interface.  There might be such a device on other machines here.  Shall have a look later.  Such a thing should be apparent in the BIOS I would have thought.

CC: (none) => tarazed25

Comment 5 Len Lawrence 2023-04-09 20:29:00 CEST
Found no IPMI devices so far.  Going for a clean install.

$ rpm -q ipmitool
ipmitool-1.8.18-7.1.mga8

# chkconfig ipmi on
systemd

$ ipmitool mc info
Could not open device at /dev/ipmi0 or /dev/ipmi/0 or /dev/ipmidev/0: No such file or directory

Whiteboard: (none) => MGA8-64-OK

Comment 6 Thomas Andrews 2023-04-09 23:13:32 CEST
In my line of work "IPM" stands for "Integrated Pest Management." Realizing that doesn't apply here, I read the Wikipedia article on IPMI. What little I understood didn't sound like hardware that anyone in QA is likely to have, so I agree with Len on the clean install.

Validating. Advisory in comment 3.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2023-04-11 00:46:59 CEST

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 7 Mageia Robot 2023-04-11 21:03:53 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0135.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

