CVE-2019-6260

Name of the Vulnerable Software and Affected Versions OpenBMC versions (affected versions not specified) ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware

Description The issue is related to access control errors in the OpenBMC software, which can be exploited by a remote attacker to execute malicious code, read and write arbitrary data, change configuration settings, or cause a denial of service. The ASPEED ast2400 and ast2500 BMC hardware and firmware implement Advanced High-performance Bus (AHB) bridges, allowing arbitrary read and write access to the BMC's physical address space from the host or network. This can enable an attacker to migrate from the host server to the BMC and implement attacks on the server management network, gaining additional permissions for other BMCs in the network and potentially compromising access to other servers.

Recommendations For OpenBMC, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware, consider restricting access to the BMC's physical address space to minimize the risk of exploitation. As a temporary workaround, consider disabling the iLPC2AHB bridge Pt I, iLPC2AHB bridge Pt II, PCIe VGA P2A bridge, X-DMA, UART-based SoC Debug interface, LPC2AHB bridge, PCIe BMC P2A bridge, and Watchdog setup functions until a patch is available. Avoid using the BMC console uart in unusual cases where it is attached to a serial concentrator until the issue is resolved.