This notice is to advise Joyent's Triton Cloud (public cloud) customers, Triton Enterprise software customers and Open Source Triton users of four SmartOS/file system vulnerabilities reported by Cisco Talos.
On 13-December-2016, Cisco Talos reported three privilege escalation vulnerabilities that result from exploits on the IOCTL function. Based on our investigation, the exploits are actually not possible as either a regular user or as root from within a zone.
Following are the vulnerabilities' TALOS/CVE sets:
- TALOS-2016-0248 (CVE-2016-8733) and TALOS-2016-0249 (CVE-2016-9031)
- TALOS-2016-0250 (CVE-2016-9032) and TALOS-2016-0252 (CVE-2016-9034)
- TALOS-2016-0251 (CVE-2016-9033) and TALOS-2016-0253 (CVE-2016-9035)
- [UPDATED 30-Jan-2017 to include this fourth vulnerability set:] TALOS-2016-0257 (CVE-2016-9039) and TALOS-2016-0258 (CVE-2016-9040)
For further details, see this Cisco Talos blog.
Actions Taken by Joyent
While we do not believe these CVEs are of concern, we have made improvements in validation and error handling in the related area.
Actions You Need to Take
For the reasons noted above, no action is required/recommended for any Joyent customer or Open Source user.
If you are a Joyent customer and have any further questions or concerns after reading the information provided above, please contact Joyent Support.
If you are an Open Source Triton user, please direct any further questions to the SmartOS Community Mailing Lists and IRC.