Vulnerability-Lookup

CNVD-2017-29224

Vulnerability from cnvd - Published: 2017-10-09

Title

多款Intel产品拒绝服务漏洞

Description

Intel SSD 540s Series等都是美国英特尔（Intel）公司不同系列的固态硬盘产品。多款Intel产品中存在安全漏洞。攻击者可利用该漏洞造成拒绝服务（数据损坏）。

Severity

低

Patch Name

多款Intel产品拒绝服务漏洞的补丁

Patch Description

Intel SSD 540s Series等都是美国英特尔（Intel）公司不同系列的固态硬盘产品。多款Intel产品中存在安全漏洞。攻击者可利用该漏洞造成拒绝服务（数据损坏）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079&languageid;=en-fr

Reference

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079&languageid=en-fr

Impacted products

Name
['Intel SSD 540s Series 2.5" LSBG200', 'Intel SSD 540s Series 2.5" LSF031C', 'Intel SSD 540s Series 2.5" LSF036C', 'Intel SSD 540s Series 2.5" LBF010C', 'Intel SSD 540s Series M.2 LSBG100', 'Intel SSD 540s Series M.2 LSF031C', 'Intel SSD 540s Series M.2 LSF036C', 'Intel SSD 540s Series M.2 LBF010C', 'Intel SSD E 5400s Series 2.5" LSF031P', 'Intel SSD E 5400s Series 2.5" LSF036P', 'Intel SSD E 5400s Series 2.5" LBF010P', 'Intel SSD Pro 5400s Series M.2 LBF010P', 'Intel SSD E 5400s Series 2.5" LSMG200', 'Intel SSD E 5400s Series 2.5" LSF031E', 'Intel SSD E 5400s Series 2.5" LSF036E', 'Intel SSD E 5400s Series M.2 LSMG100', 'Intel SSD E 5400s Series M.2 LSF031E', 'Intel SSD E 5400s Series M.2 LSF036E', 'Intel SSD DC S3100 Series LSDG200', 'Intel SSD DC S3100 Series LSF031D', 'Intel SSD DC S3100 Series LSF036D']

Name

['Intel SSD 540s Series 2.5" LSBG200', 'Intel SSD 540s Series 2.5" LSF031C', 'Intel SSD 540s Series 2.5" LSF036C', 'Intel SSD 540s Series 2.5" LBF010C', 'Intel SSD 540s Series M.2 LSBG100', 'Intel SSD 540s Series M.2 LSF031C', 'Intel SSD 540s Series M.2 LSF036C', 'Intel SSD 540s Series M.2 LBF010C', 'Intel SSD E 5400s Series 2.5" LSF031P', 'Intel SSD E 5400s Series 2.5" LSF036P', 'Intel SSD E 5400s Series 2.5" LBF010P', 'Intel SSD Pro 5400s Series M.2 LBF010P', 'Intel SSD E 5400s Series 2.5" LSMG200', 'Intel SSD E 5400s Series 2.5" LSF031E', 'Intel SSD E 5400s Series 2.5" LSF036E', 'Intel SSD E 5400s Series M.2 LSMG100', 'Intel SSD E 5400s Series M.2 LSF031E', 'Intel SSD E 5400s Series M.2 LSF036E', 'Intel SSD DC S3100 Series LSDG200', 'Intel SSD DC S3100 Series LSF031D', 'Intel SSD DC S3100 Series LSF036D']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5695"
    }
  },
  "description": "Intel SSD 540s Series\u7b49\u90fd\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u4e0d\u540c\u7cfb\u5217\u7684\u56fa\u6001\u786c\u76d8\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eIntel\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u6570\u636e\u635f\u574f\uff09\u3002",
  "discovererName": "Intel",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079\u0026languageid;=en-fr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-29224",
  "openTime": "2017-10-09",
  "patchDescription": "Intel SSD 540s Series\u7b49\u90fd\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u4e0d\u540c\u7cfb\u5217\u7684\u56fa\u6001\u786c\u76d8\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eIntel\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u6570\u636e\u635f\u574f\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eIntel\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Intel SSD 540s Series 2.5\" LSBG200",
      "Intel SSD 540s Series 2.5\" LSF031C",
      "Intel SSD 540s Series 2.5\" LSF036C",
      "Intel SSD 540s Series 2.5\" LBF010C",
      "Intel SSD 540s Series M.2 LSBG100",
      "Intel SSD 540s Series M.2 LSF031C",
      "Intel SSD 540s Series M.2 LSF036C",
      "Intel SSD 540s Series M.2 LBF010C",
      "Intel SSD E 5400s Series 2.5\" LSF031P",
      "Intel SSD E 5400s Series 2.5\" LSF036P",
      "Intel SSD E 5400s Series 2.5\" LBF010P",
      "Intel SSD Pro 5400s Series M.2 LBF010P",
      "Intel SSD E 5400s Series 2.5\" LSMG200",
      "Intel SSD E 5400s Series 2.5\" LSF031E",
      "Intel SSD E 5400s Series 2.5\" LSF036E",
      "Intel SSD E 5400s Series M.2 LSMG100",
      "Intel SSD E 5400s Series M.2 LSF031E",
      "Intel SSD E 5400s Series M.2 LSF036E",
      "Intel SSD DC S3100 Series LSDG200",
      "Intel SSD DC S3100 Series LSF031D",
      "Intel SSD DC S3100 Series LSF036D"
    ]
  },
  "referenceLink": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079\u0026languageid=en-fr",
  "serverity": "\u4f4e",
  "submitTime": "2017-08-18",
  "title": "\u591a\u6b3eIntel\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2017-5695 (GCVE-0-2017-5695)

Vulnerability from cvelistv5 – Published: 2017-08-09 14:00 – Updated: 2024-09-16 23:51

Summary

Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D allows local users to cause a denial of service via unspecified vectors.

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

intel

References

URL

Tags

	https://security-center.intel.com/advisory.aspx?i…	x_refsource_CONFIRM
	http://support.lenovo.com/us/en/solutions/LEN-26626	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Solid-State Drive Consumer, Professional, Embedded, Data Center	Affected: LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:11:48.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079\u0026languageid=en-fr"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.lenovo.com/us/en/solutions/LEN-26626"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Solid-State Drive Consumer, Professional, Embedded, Data Center",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D"
            }
          ]
        }
      ],
      "datePublic": "2017-08-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D allows local users to cause a denial of service via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-18T18:06:09",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079\u0026languageid=en-fr"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.lenovo.com/us/en/solutions/LEN-26626"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2017-08-08T00:00:00",
          "ID": "CVE-2017-5695",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Solid-State Drive Consumer, Professional, Embedded, Data Center",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D allows local users to cause a denial of service via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079\u0026languageid=en-fr"
            },
            {
              "name": "http://support.lenovo.com/us/en/solutions/LEN-26626",
              "refsource": "CONFIRM",
              "url": "http://support.lenovo.com/us/en/solutions/LEN-26626"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-5695",
    "datePublished": "2017-08-09T14:00:00Z",
    "dateReserved": "2017-02-01T00:00:00",
    "dateUpdated": "2024-09-16T23:51:12.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-29224

CVE-2017-5695 (GCVE-0-2017-5695)

Tags

Sightings

Nomenclature