-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2019.0320
      INTEL-SA-00255 - Intel Ethernet 700 Series Controllers Advisory
                             13 November 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Intel Ethernet 700 Series Controllers
Operating System:     Windows
                      Linux variants
Impact/Access:        Increased Privileges     -- Existing Account
                      Denial of Service        -- Existing Account
                      Access Confidential Data -- Existing Account
Resolution:           Patch/Upgrade
CVE Names:            CVE-2019-0150 CVE-2019-0149 CVE-2019-0148
                      CVE-2019-0147 CVE-2019-0146 CVE-2019-0145
                      CVE-2019-0144 CVE-2019-0143 CVE-2019-0142
                      CVE-2019-0140 CVE-2019-0139 
Member content until: Friday, December 13 2019

OVERVIEW

        Intel has discovered vulnerabilities in Intel Ethernet 700 Series
        Controllers before version 7.0


IMPACT

        Intel has provided the folllowing information regarding the 
        vulnerabilities:
        
        "Intel ID:                INTEL-SA-00255
        Advisory Category:        Firmware, Software
        Impact of vulnerability : Escalation of Privilege
                                  Denial of Service
                                  Information Disclosure
        Severity rating :         HIGH
        Original release:         11/12/2019
        Last revised:             11/12/2019" [1]
        
        
        "CVEID: CVE-2019-0140
        Description: Buffer overflow in firmware for Intel(R) Ethernet 700 
        Series Controllers before version 7.0 may allow an unauthenticated 
        user to potentially enable an escalation of privilege via an 
        adjacent access.
        CVSS Base Score: 8.8 High
        CVSS Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
        
        CVEID: CVE-2019-0145
        Description: Buffer overflow in i40e driver for Intel(R) Ethernet 
        700 Series Controllers versions before 7.0 may allow an 
        authenticated user to potentially enable an escalation of privilege
        via local access.
        CVSS Base Score: 7.8 High
        CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
        
        CVEID: CVE-2019-0142
        Description: Insufficient access control in ilp60x64.sys driver for
        Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may
        allow a privileged user to potentially enable escalation of 
        privilege via local access.
        CVSS Base Score: 7.7 High
        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
        
        CVEID: CVE-2019-0139
        Description: Insufficient access control in firmware for Intel(R) 
        Ethernet 700 Series Controllers before version 7.0 may allow a 
        privileged user to potentially enable an escalation of privilege, 
        denial of service, or information disclosure via local access.
        CVSS Base Score: 6.7 Medium
        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
        
        CVEID: CVE-2019-0143
        Description: Unhandled exception in Kernel-mode drivers for Intel(R)
        Ethernet 700 Series Controllers versions before 7.0 may allow an 
        authenticated user to potentially enable a denial of service via 
        local access.
        CVSS Base Score: 4.4 Medium
        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
        
        CVEID: CVE-2019-0144
        Description: Unhandled exception in firmware for Intel(R) Ethernet 
        700 Series Controllers before version 7.0 may allow an authenticated
        user to potentially enable a denial of service via local access.
        CVSS Base Score: 6.5 Medium
        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
        
        CVEID: CVE-2019-0146
        Description: Resource leak in i40e driver for Intel(R) Ethernet 700
        Series Controllers versions before 2.8.43 may allow an authenticated
        user to potentially enable a denial of service via local access.
        CVSS Base Score: 6.5 Medium
        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
        
        CVEID: CVE-2019-0147
        Description: Insufficient input validation in i40e driver for 
        Intel(R) Ethernet 700 Series Controllers versions before 7.0 may 
        allow an authenticated user to potentially enable a denial of 
        service via local access.
        CVSS Base Score: 5.6 Medium
        CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
        
        CVEID: CVE-2019-0148
        Description: Resource leak in i40e driver for Intel(R) Ethernet 700
        Series Controllers versions before 7.0 may allow an authenticated 
        user to potentially enable a denial of service via local access.
        CVSS Base Score: 6.5 Medium
        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
        
        CVEID: CVE-2019-0149
        Description: Insufficient input validation in i40e driver for 
        Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may
        allow an authenticated user to potentially enable a denial of 
        service via local access.
        CVSS Base Score: 6.5 Medium
        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
        
        CVEID: CVE-2019-0150
        Description: Insufficient access control in firmware Intel(R) 
        Ethernet 700 Series
        Controllers versions before 7.0 may allow a privileged user to 
        potentially enable a denial of service via local access.
        CVSS Base Score: 6.0 Medium
        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" [1]


MITIGATION

        Intel recommends:
        
        "...updating Intel Ethernet 700 Series Controller firmware to 7.0 or
        later.[2]" [1]
        
        "...updating Intel Ethernet 700 Series Software to 24.0 or 
        later.[2]"[1]


REFERENCES

        [1] INTEL-SA-00255 - Intel Ethernet 700 Series Controllers Advisory
            https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html

        [2] Intel Ethernet 700 Series Updates
            https://downloadcenter.intel.com/product/46828/700-Series-Network-Adapters-up-to-40GbE-

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXcuAcWaOgq3Tt24GAQgOexAA0yCW5W4e9EZm1ImMZr3SzB3SiUkwoqoj
ppUwkf3rBvQbY8RAraCefrTfjoZR0SOU1+v0k/iMlB/RajrBm8ZLY8ztaOAk2q/q
K2lKftCBuT9S9zt+3/9vmPhhcruZUFU6Ia/u3k7cYksq9CiqtxmPXIM+IzRW7icv
RLabRwCzVefpDH8qDNWFhoFvybzww7KtTPXbZdF7ZReasx4QMzzEgAbWwRu+W/Ly
5t7ja58XBGBemCHqLHl1M7znjTDWVyvDMCMVBIH3KdKWyW1nzQ67cVPuvEkWKKnF
hobRsSPE6aI1+JiS5e3UlxHAFd9wo2s8EsD70AmN3tn9tGOa0iojJBAapJo2KlVA
Jbh5zSPJqqKFLv0BROad8iwc3PVaXV9aK8+m9HhzAuPgXBbvPUZKnaIoKnTh/UgV
Yipw6L/Y5Alr11M/S3YAclfPo7HtZ0IA7/yTGgOxTR3owKNo6mVnoPHUInYGT8Tj
zOvdr1wKp43davfDKYCSQs7+lriwsQZBCz5xioHnsF/Av2tB9IHySqwNgXgCf51A
KGrK/1Ozm3jDCv1ZBXA7na2yRXLf1JHILWBF7cvKMpZyRkskodF5sgECbIEuJpIU
oDQTUPvcgSMCRRqUb9OeEKpyTnqDF4nBBmMKPxjVRs+9Bqv9HbjIrX+/DJhkvhYP
KK6Y41/Wxx0=
=bMkH
-----END PGP SIGNATURE-----