TPS-2016-012 Four SmartOS IOCTL Vulnerabilities (Eight CVEs)
Overview
This notice is to advise Joyent’s Triton Cloud (public cloud) customers, Triton Enterprise software customers and Open Source Triton users of four SmartOS/file system vulnerabilities reported by Cisco Talos.
Description
On 13-December-2016, Cisco Talos reported three privilege escalation vulnerabilities exploitable through the ioctl() function. Based on our investigation, the exploits are actually not possible either as a regular user or as root from within a zone.
The TALOS/CVE identifier pairs for the vulnerabilities are:
- TALOS-2016-0248 (CVE-2016-8733) and TALOS-2016-0249 (CVE-2016-9031)
- TALOS-2016-0250 (CVE-2016-9032) and TALOS-2016-0252 (CVE-2016-9034)
- TALOS-2016-0251 (CVE-2016-9033) and TALOS-2016-0253 (CVE-2016-9035)
- [UPDATED 30-Jan-2017 to include this fourth vulnerability set:] TALOS-2016-0257 (CVE-2016-9039) and TALOS-2016-0258 (CVE-2016-9040)
For further details, see this Cisco Talos blog.
Actions Taken by Joyent
While we do not believe these CVEs are of concern, we have made improvements in validation and error handling in the related area.
Actions You Need to Take
For the reasons noted above, no action is required or recommended for any Joyent customer or Open Source user.
Support
If you are a Joyent customer and have any further questions or concerns after reading the information provided above, please contact Joyent Support.
If you are an Open Source Triton user, please direct any further questions to the SmartOS Community Mailing Lists and IRC.