IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel’s networking subsystem processed TCP Selective Acknowledgment (SACK) segments. Also, excessive resource consumption (while processing SACK blocks or for TCP connections with low MSS) allows remote denial of service.
Affected product(s) and affected version(s):
| AffectedProduct(s) | Version(s) |
| IBM Security Identity Governance and Intelligence | 5.2.4 |
| IBM Security Identity Governance and Intelligence | 5.2.5.1 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1284760
The post Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/3aPedcV
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.