CVE-2018-1426

2018-03-22T12:29:00
ID CVE-2018-1426
Type cve
Reporter cve@mitre.org
Modified 2020-08-24T17:37:00

Description

IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. IBM X-Force ID: 139071.