News from 2024-07-22
Meinberg Security Advisory: [MBGSA-2024.04] LANTIME-Firmware V7.08.014
Meinberg recommends updating to LANTIME firmware version 7.08.014.
-
LANTIME Firmware V7.08.013:
Severity levels: critical (0), high (6), medium (2), low (4), info (0), unknown (0)
- LANTIME Firmware: V7.08.014
-
Description of the Vulnerabilities
- Third-Party-Software:
- unbound:
-
CVE-2024-1488 - unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation (high)
https://access.redhat.com/security/cve/CVE-2024-1488
CVE-2023-50387 - CPU intensive and time costly DNSSEC validation path, aka KeyTrap (high)
CVE-2023-50868 - CPU intensive and time costly NSEC3 hash calculation path (high)
https://nlnetlabs.nl/downloads/unbound/CVE-2023-50387_CVE-2023-50868.txt
CVE-2022-3204 - NRDelegation attack leads to uncontrolled resource consumption (Non-Responsive Delegation Attack) (high)
https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
CVE-2022-30699 - novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names (medium)
CVE-2022-30698 - novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names (medium)
https://nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt
Fixed in:
V7.08.011 MBGID-17470
-
- openssl:
-
CVE-2024-2511 - Unbounded memory growth with session handling in TLSv1.3 (low)
CVE-2024-4603 - Excessive time spent checking DSA keys and parameters (low)
CVE-2024-4741 - Use After Free with SSL_free_buffers (low)
https://www.openssl.org/news/vulnerabilities.html
Fixed in:
V7.08.012 MBGID-17433
-
- openssh:
-
CVE-2024-6387 - OpenSSH "regreSSHion" vulnerability (high)
NOCVE - Logic error in ssh(1) ObscureKeystrokeTiming (low)
https://www.openssh.com/releasenotes.html
Fixed in:
V7.08.014 MBGID-18362
-
- LTOS Web User Interface:
-
NOCVE - Insufficient input validation of the CSRF token (high)
The check on the length of the CSRF token was flawed, which allowed the CSRF protection of the web interface to be undermined.
Fixed in:
V7.08.013 MBGID-18184
-
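The advisory says only that the length check on the CSRF token was flawed, not what the defect was. The following is an added illustration of that class of bug, written for this page and not taken from Meinberg's LTOS code: a hypothetical check that bounds the comparison by the length of the value the client submitted, placed beside a correct check that rejects anything that is not a full-length token and then compares in constant time. The token format (32 random bytes, hex-encoded) and the function names are assumptions.

```python
"""Hypothetical flawed CSRF-token length check beside a correct one.

Added example code, not Meinberg's LTOS web-UI implementation; the
advisory does not describe the actual defect, only that the length
validation was flawed. Token format and function names are assumed.
"""
import hmac
import secrets
from typing import Callable, Optional

TOKEN_BYTES = 32             # 256-bit per-session token (assumed)
TOKEN_LEN = TOKEN_BYTES * 2  # hex-encoded length the server must require


def issue_token() -> str:
    """Generate a fresh per-session CSRF token from a CSPRNG."""
    return secrets.token_hex(TOKEN_BYTES)


def validate_flawed(session_token: str, submitted: str) -> bool:
    """Hypothetical flawed check: the comparison is bounded by the length
    of the *submitted* value rather than the expected token length, so an
    empty or very short submission only needs to match a prefix of the
    real token (an empty string matches every token)."""
    return session_token[: len(submitted)] == submitted


def validate_fixed(session_token: str, submitted: str) -> bool:
    """Correct check: require exactly TOKEN_LEN hex characters, then compare
    the whole token in constant time so that no prefix of it leaks."""
    if not isinstance(submitted, str) or len(submitted) != TOKEN_LEN:
        return False
    try:
        int(submitted, 16)          # reject non-hex (and non-ASCII) input
    except ValueError:
        return False
    return hmac.compare_digest(session_token, submitted)


def attempts_to_forge(validator: Callable[[str, str], bool],
                      session_token: str) -> Optional[int]:
    """Simulate a cross-site attacker who does not know the victim's token
    and submits the empty string, then every single hex character.
    Returns how many forged requests the validator accepted after, or None
    if none of these blind guesses is accepted."""
    candidates = [""] + list("0123456789abcdef")
    for attempts, cand in enumerate(candidates, start=1):
        if validator(session_token, cand):
            return attempts
    return None


if __name__ == "__main__":
    tok = issue_token()
    print("flawed check forged after", attempts_to_forge(validate_flawed, tok), "request(s)")
    print("fixed check forged after", attempts_to_forge(validate_fixed, tok))
```

The point of the pair is where the length decision is made: the fixed variant fixes the expected length on the server side before any comparison, so a short or empty submission never reaches the compare, and `hmac.compare_digest` removes the timing side channel a prefix comparison would otherwise expose.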
Systems Affected
All LANTIME firmware versions before 7.08.014 are affected by the corresponding vulnerabilities. The LANTIME firmware is used by all devices of the LANTIME M series (M100, M150, M200, M250, M300, M320, M400, M450, M600, M900) as well as all devices of the LANTIME IMS series (M500, M1000, M1000S, M2000S, M3000, M3000S, M4000) and the SyncFire product family (SF1000, SF1100, SF1200, SF1500) and LANTIME CPU Expansions (LCES).
Whether and to what extent individual clients or LANTIME systems are vulnerable depends on the individual configuration, network infrastructure, and other factors, and it is therefore not possible to provide a general statement on how vulnerable a given system in use actually is.
-
Possible Security Measures
The relevant security updates are included in the LANTIME firmware versions 7.08.014(-light). Updating to these versions eliminates the listed vulnerabilities.
Download the latest LANTIME firmware at:
All updates are now available for Meinberg customers. An update of the LANTIME firmware to version 7.08.014 or 7.08.014-light is recommended. Customers who cannot install version 7.08.014 should install version 7.08.014-light instead.
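When triaging a fleet against this advisory, the version strings reported by LANTIME devices carry zero-padded fields ("7.08.014"), an optional leading "V" and, for the light build, a "-light" suffix, so a plain string comparison gives wrong answers. The helper below is an added example for this page, not a Meinberg tool; it parses those strings, treats everything numerically below 7.08.014 as affected (as the advisory states), and treats 7.08.014 and 7.08.014-light as fixed. The device names and the inventory in `SAMPLE_INVENTORY` are constructed sample data.

```python
"""Classify LANTIME firmware version strings against MBGSA-2024.04.

Added example, not Meinberg's tooling. Assumes the advisory's statement
that all versions before 7.08.014 are affected and that 7.08.014 and
7.08.014-light both contain the fixes. Sample inventory is constructed.
"""
import re
from typing import Dict, List, Optional, Tuple

FIXED_VERSION = (7, 8, 14)  # 7.08.014 / 7.08.014-light

# Optional leading V, three numeric fields, optional "-light" build suffix.
_VERSION_RE = re.compile(r"^[Vv]?(\d+)\.(\d+)\.(\d+)(?:-(light))?$")


def parse_version(s: str) -> Optional[Tuple[Tuple[int, int, int], bool]]:
    """Return ((major, minor, patch), is_light) or None if unrecognised.
    Fields are compared as integers so 7.08.014 sorts above 7.08.9."""
    m = _VERSION_RE.match(s.strip())
    if not m:
        return None
    nums = (int(m.group(1)), int(m.group(2)), int(m.group(3)))
    return nums, m.group(4) == "light"


def is_affected(s: str) -> bool:
    """True when the version is numerically below 7.08.014.
    Raises ValueError for strings the parser does not recognise so that
    unknown devices are surfaced rather than silently counted as fixed."""
    parsed = parse_version(s)
    if parsed is None:
        raise ValueError(f"unrecognised LANTIME version string: {s!r}")
    nums, _is_light = parsed
    return nums < FIXED_VERSION


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Split {hostname: version} into affected / fixed / unknown buckets."""
    result: Dict[str, List[str]] = {"affected": [], "fixed": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        try:
            bucket = "affected" if is_affected(version) else "fixed"
        except ValueError:
            bucket = "unknown"
        result[bucket].append(host)
    return result


# Constructed sample data: hostnames and versions are invented for the demo.
SAMPLE_INVENTORY = {
    "ntp-m300-dc1": "V7.08.013",
    "ntp-m1000-dc2": "7.08.014",
    "ntp-sf1200-lab": "7.08.014-light",
    "ntp-m200-legacy": "7.06.009",
    "ntp-unknown-box": "firmware unavailable",
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket:9s} {', '.join(hosts) or '-'}")
```

Anything that lands in the "unknown" bucket needs a manual look rather than an assumption either way; a device that cannot report its version is not evidence that it is patched.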
-
Further Information
Further details and information are available from the following website:
If you have any questions or need assistance, please do not hesitate to contact Meinberg's technical support team.
-
Acknowledgments
We would like to express our gratitude to all those who have advised us of vulnerabilities or other bugs, and have also suggested improvements to us.
Thank you!
