Vulnerability in GNU Binutils affecting IBM Netezza Platform Software
We'd like to bring to your attention this IBM Security Bulletin, which describes a vulnerability in GNU Binutils that affects IBM Netezza Platform Software.
Looking at this other post, is it fair to say customers are only affected if a malicious user is able to log into their host environment and replace an existing specific file (stabs.c) with a compromised one? Therefore, if the Host is fairly well locked down against malicious access, and/or a stabs.c file does not exist anywhere in the file system, then the chances of a heap-based buffer overflow occurring are extremely minimal.
Having investigated this further we have determined that:
- IBM has not published a public workaround or solution to this problem as yet
- GNU Binutils is most likely pre-installed on every Host (i.e. it is not an ‘optional extra’ component like log4j was previously), but we’ve done some checking on a number of systems and haven’t detected the existence of a stabs.c file (using find / -name stabs.c -print 2>/dev/null), which is the vector for the vulnerability.
- Even if you were to find a stabs.c file on your Host, according to Red Hat, in order for a system to be compromised: “the attack needs to be initiated locally where an attacker could convince a victim to read a specially crafted file that is processed by objdump, leading to the disclosure of memory and possibly leading to the execution of arbitrary code or causing the utility to crash.”
In other words: if you’re not using your Netezza Host as a file server (e.g. by NFS mounting Netezza file systems on remote devices), which you absolutely shouldn’t be doing, then it won’t be possible for such a specially crafted file to be placed on the system without your permission or knowledge, unless an employee manually copies it there themselves. And even then, the specially crafted file not only needs to be placed on the Host itself, but also needs to be compiled and executed on the system by someone logged in as root. We would argue that if anyone is able to do that on your network without your knowledge or permission, then you have much bigger security problems than this particular vulnerability. Given the above, we do not think this vulnerability is a huge concern for our Netezza customers.
However, if we learn anything more that contradicts the above initial findings, or if IBM publishes a workaround to mitigate the vulnerability, we will issue an update to this blog.
If you want any further information, feel free to contact us.