===========================================================================
AUSCERT Security Bulletin

ASB-2017.0067
McAfee Security Bulletin - Threat Intelligence Exchange server 2.0.1
Hotfix 1 fixes a Linux kernel vulnerability (CVE-2017-6214)
9 May 2017

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              McAfee Threat Intelligence Exchange
Operating System:     Windows
Impact/Access:        Denial of Service -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2017-6214
Member content until: Thursday, June 8 2017
Reference:            ESB-2017.1136
                      ESB-2017.0614

OVERVIEW

A loop with an unreachable exit condition has been patched in the Linux
kernel in McAfee Threat Intelligence Exchange versions prior to and
including 2.0.1. [1]

IMPACT

The vendor has provided the following information about the
vulnerability:

"TIE server 2.0.1 Hotfix 1 remediates CVE-2017-6214." [1]

"CVE-2017-6214
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel
before 4.9.11 allows remote attackers to cause a denial of service
(infinite loop and soft lockup) via vectors involving a TCP packet with
the URG flag." [2]

MITIGATION

The vendor recommends applying the relevant patches to address this
issue. [1]

"This issue is resolved in TIE server 2.0.1 Hotfix 1 and later.

Go to the Product Downloads site and download the applicable product
hotfix file:

Product     Type    Version         File Name                             Release Date
TIE server  Hotfix  2.0.1 Hotfix 1  TIEServer_2.0.1.188.x86_64-MAIN.ova   April 26, 2017" [1]

REFERENCES

[1] McAfee Security Bulletin - Threat Intelligence Exchange server 2.0.1
    Hotfix 1 fixes a Linux kernel vulnerability (CVE-2017-6214)
    https://www.mcafee.com/us/threat-center/product-security-bulletins.aspx

[2] NVD CVE-2017-6214 Detail
    https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6214

AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the
information described is the responsibility of each user or organisation.
The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and
should be considered in accordance with your organisation's site policies
and procedures. AusCERT takes no responsibility for consequences which
may arise from following or acting on information or advice contained in
this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.