Issued:
2020-03-26
Updated:
2020-03-26

RHSA-2020:0984 - Security Advisory

Synopsis

Important: ipmitool security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for ipmitool is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface (IPMI) specification. IPMI is an open standard for machine health, inventory, and remote power control.

Security Fix(es):

  • ipmitool: Buffer overflow in read_fru_area_section function in lib/ipmi_fru.c (CVE-2020-5208)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the IPMI event daemon (ipmievd) will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
  • Red Hat Enterprise Linux Server - TUS 7.7 x86_64
  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64

Fixes

  • BZ - 1798721 - CVE-2020-5208 ipmitool: Buffer overflow in read_fru_area_section function in lib/ipmi_fru.c

Red Hat Enterprise Linux Server 7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
x86_64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.x86_64.rpm SHA-256: 8fb927d010472bfdf3c79c6bfed413f5706133a0bad31f0cdc324f250724a11f
ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm SHA-256: 91466a9617443e424b64124424f6aa45e0c6b0c1a9bb86f5a7818213ea318677

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
x86_64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.x86_64.rpm SHA-256: 8fb927d010472bfdf3c79c6bfed413f5706133a0bad31f0cdc324f250724a11f
ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm SHA-256: 91466a9617443e424b64124424f6aa45e0c6b0c1a9bb86f5a7818213ea318677

Red Hat Enterprise Linux Workstation 7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
x86_64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.x86_64.rpm SHA-256: 8fb927d010472bfdf3c79c6bfed413f5706133a0bad31f0cdc324f250724a11f
ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm SHA-256: 91466a9617443e424b64124424f6aa45e0c6b0c1a9bb86f5a7818213ea318677

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
s390x
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.s390x.rpm SHA-256: 6b1f21e28f3a68b8ef1392c458e0a050d9e5906929b4ec730c0e39aeaae6588d
ipmitool-debuginfo-1.8.18-9.el7_7.s390x.rpm SHA-256: 5a2d1c7fec23d9ab542d91d4b0e785fee81778c8687d1ea0a0182fedc7d1f109

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
s390x
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.s390x.rpm SHA-256: 6b1f21e28f3a68b8ef1392c458e0a050d9e5906929b4ec730c0e39aeaae6588d
ipmitool-debuginfo-1.8.18-9.el7_7.s390x.rpm SHA-256: 5a2d1c7fec23d9ab542d91d4b0e785fee81778c8687d1ea0a0182fedc7d1f109

Red Hat Enterprise Linux for Power, big endian 7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
ppc64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.ppc64.rpm SHA-256: f29c7d05bd1fae1764f5b42b306ca66cb0739504e46aef8f5d5ba39211e07d76
ipmitool-debuginfo-1.8.18-9.el7_7.ppc64.rpm SHA-256: 87ddc85da2c212a7074528713a5feeb5f5e52786bf4badf031cd3eaf88c57b5b

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
ppc64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.ppc64.rpm SHA-256: f29c7d05bd1fae1764f5b42b306ca66cb0739504e46aef8f5d5ba39211e07d76
ipmitool-debuginfo-1.8.18-9.el7_7.ppc64.rpm SHA-256: 87ddc85da2c212a7074528713a5feeb5f5e52786bf4badf031cd3eaf88c57b5b

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
x86_64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.x86_64.rpm SHA-256: 8fb927d010472bfdf3c79c6bfed413f5706133a0bad31f0cdc324f250724a11f
ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm SHA-256: 91466a9617443e424b64124424f6aa45e0c6b0c1a9bb86f5a7818213ea318677

Red Hat Enterprise Linux EUS Compute Node 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
x86_64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.x86_64.rpm SHA-256: 8fb927d010472bfdf3c79c6bfed413f5706133a0bad31f0cdc324f250724a11f
ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm SHA-256: 91466a9617443e424b64124424f6aa45e0c6b0c1a9bb86f5a7818213ea318677

Red Hat Enterprise Linux Server - AUS 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
x86_64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.x86_64.rpm SHA-256: 8fb927d010472bfdf3c79c6bfed413f5706133a0bad31f0cdc324f250724a11f
ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm SHA-256: 91466a9617443e424b64124424f6aa45e0c6b0c1a9bb86f5a7818213ea318677

Red Hat Enterprise Linux for Power, little endian 7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
ppc64le
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.ppc64le.rpm SHA-256: 36e8c55d7f3cbaedbe39db5674ca67674fdcff52cd51b66266ef8e4c05e27b1f
ipmitool-debuginfo-1.8.18-9.el7_7.ppc64le.rpm SHA-256: 5c7b6e8ffc8872dc3a97be61d34f12e910403307d7123ce9c3ed6e45c399c068

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
ppc64le
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.ppc64le.rpm SHA-256: 36e8c55d7f3cbaedbe39db5674ca67674fdcff52cd51b66266ef8e4c05e27b1f
ipmitool-debuginfo-1.8.18-9.el7_7.ppc64le.rpm SHA-256: 5c7b6e8ffc8872dc3a97be61d34f12e910403307d7123ce9c3ed6e45c399c068

Red Hat Enterprise Linux Server - TUS 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
x86_64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.x86_64.rpm SHA-256: 8fb927d010472bfdf3c79c6bfed413f5706133a0bad31f0cdc324f250724a11f
ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm SHA-256: 91466a9617443e424b64124424f6aa45e0c6b0c1a9bb86f5a7818213ea318677

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
ppc64le
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.ppc64le.rpm SHA-256: 36e8c55d7f3cbaedbe39db5674ca67674fdcff52cd51b66266ef8e4c05e27b1f
ipmitool-debuginfo-1.8.18-9.el7_7.ppc64le.rpm SHA-256: 5c7b6e8ffc8872dc3a97be61d34f12e910403307d7123ce9c3ed6e45c399c068

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7

SRPM
ipmitool-1.8.18-9.el7_7.src.rpm SHA-256: 6e9e0cd8849b9cc8e5565d3af3c49d93f1bf07f61f9963eb23f17876c33181a5
x86_64
bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm SHA-256: be626224ef4872ed4c7708703760135033fe4ef1caa4868ffb2f6d8d653c506d
exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm SHA-256: d1320a15057a22c50c7821876cee666e5d2e726f877d83984ba28f9feee836ab
ipmitool-1.8.18-9.el7_7.x86_64.rpm SHA-256: 8fb927d010472bfdf3c79c6bfed413f5706133a0bad31f0cdc324f250724a11f
ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm SHA-256: 91466a9617443e424b64124424f6aa45e0c6b0c1a9bb86f5a7818213ea318677

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.