PAN-SA-2016-0025 Kernel Vulnerabilities
Attack Vector
NETWORK
Scope
UNCHANGED
Attack Complexity
LOW
Confidentiality Impact
NONE
Privileges Required
NONE
Integrity Impact
NONE
User Interaction
NONE
Availability Impact
HIGH
Description
The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366.
(Ref # PAN-52379/87408)
The CVSS Score of CVE-2015-5364 is 7.8, High; while the CVSS Score of CVE-2015-5366 is 5.0, Medium. Those could lead to a Denial of Service attack.
This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.4 and earlier
| CVE | CVSS | Summary |
|---|---|---|
| CVE-2015-5364 | 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C | The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood. |
| CVE-2015-5366 | 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P | The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364. |
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| PAN-OS 7.1 | <= 7.1.4 | >= 7.1.5 |
| PAN-OS 7.0 | <= 7.0.10 | >= 7.0.11 |
| PAN-OS 6.1 | <= 6.1.14 | >= 6.1.15 |
| PAN-OS 6.0 | <= 6.0.14 | >= 6.0.15 |
| PAN-OS 5.1 | <= 5.1.12 | >= 5.1.13 |
| PAN-OS 5.0 | <= 5.0.19 | >= 5.0.20 |
Severity: HIGH
CVSSv3.1 Base Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Weakness Type
Solution
PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.5 and later
Workarounds and Mitigations
N/A