Server maintenance: Attackers can compromise OpenBMC systems

Admins who use OpenBMC to monitor and maintain servers should install the latest security update quickly. Otherwise, malicious code can get onto systems.


According to a warning message, the vulnerability (CVE-2024-41660) is classified as “critical” and attackers can use it to completely compromise systems. The vulnerability specifically affects the slpd-lite component. The vulnerable package is included and active in a default build of OpenBMC.

An attacker with access to a BMC management network can exploit the vulnerability. In a paper, security researchers from Tetrel show that the slpd service runs as root and listens on UDP port 427. Because of insufficient checks, a crafted UDP packet is accepted and triggers a memory error. This allows malicious code to get onto systems.

However, such management interfaces are often also accessible via the Internet, which increases the attack surface.

So far, there are no reports of attacks already underway. To protect OpenBMC systems, admins must install the security patch from the openbmc/slpd-lite repository. If admins are currently unable to install the update, they must disable the slpd service or block UDP port 427 until the patch can be installed.
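To verify whether a BMC is exposed before and after applying the patch or a workaround, the following added example (not from the article or the OpenBMC project) reads the kernel's UDP socket tables and reports anything bound to port 427. The sample table is constructed, and the systemd unit name `slpd-lite.service` in the printed hint is an assumption that should be checked against the actual image.

```shell
#!/bin/sh
# Added example, not from the article or the OpenBMC project.
# Reports sockets bound to UDP port 427 by reading the kernel socket tables,
# which are available even on minimal BMC images without ss or netstat.

SLP_PORT_HEX=01AB   # 427 in hex, as it appears in /proc/net/udp

# udp427_listeners FILE...
# Prints "<table> <local_addr_hex> uid=<uid>" for every socket bound to UDP/427.
# Returns 0 if at least one is found, 1 otherwise.
udp427_listeners() {
    found=1
    for table in "$@"; do
        [ -r "$table" ] || continue
        # Field 2 is local_address (HEXIP:HEXPORT), field 8 is the owning uid.
        out=$(awk -v port="$SLP_PORT_HEX" -v t="$table" '
            NR > 1 {
                n = split($2, a, ":")
                if (toupper(a[n]) == port) print t, a[1], "uid=" $8
            }' "$table")
        if [ -n "$out" ]; then
            printf '%s\n' "$out"
            found=0
        fi
    done
    return "$found"
}

# Constructed sample table: one wildcard-bound root socket on 427, one unrelated.
sample_table() {
    cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  105: 00000000:01AB 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 12345 2 0000000000000000 0
  210: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000   101        0 23456 2 0000000000000000 0
EOF
}

# Live check on the BMC itself. A local address of 00000000 means all interfaces.
if udp427_listeners /proc/net/udp /proc/net/udp6; then
    echo "UDP/427 is bound: install the slpd-lite patch, or apply an interim mitigation:"
    echo "  systemctl disable --now slpd-lite.service   # unit name is an assumption"
    echo "  iptables -I INPUT -p udp --dport 427 -j DROP"
else
    echo "No socket bound to UDP/427"
fi
```

A firewall rule does not remove the socket, so after blocking the port the check still reports the listener; only stopping the service or confirming the patched build closes the finding on the host itself.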

The security researchers state that they contacted the OpenBMC managers in May 2024. The developers closed the vulnerability at the end of May. Technical information on the vulnerability has only just been published.


(des)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.
