Lucene search

K
ibmIBM7E908C54FE9150C3B09D4779711C48C66901453652E1833B9998EC652FE7B869
HistoryOct 09, 2020 - 7:46 p.m.

Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability

2020-10-0919:46:09
www.ibm.com
19

EPSS

0

Percentile

5.1%

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID:CVE-2019-14898
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a race condition in between mmget_not_zero()/get_task_mm() and core dumping. By using a specially-crafted system call, a local authenticated attacker could exploit this vulnerability to cause the system to crash or obtain sensitive information.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175727 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Security Guardium 11.0
IBM Security Guardium 11.1

Remediation/Fixes

Product

|

VRMF

|

Remediation / First Fix

—|—|—
IBM Security Guardium | 11.0 | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p30_Bundle_Aug-25-2020&includeSupersedes=0&source=fc
IBM Security Guardium | 11.1 | | |

http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=All&function=fixId&fixids=SqlGuard_11.0p115_Bundle_May-19-2020&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

EPSS

0

Percentile

5.1%