Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMB21E322EBFC512ECDC98906E22E800594BBF803083C0BFA068CC6E0D3D1145F7
HistoryJun 27, 2019 - 8:45 a.m.

Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities (CVE-2019-7221, CVE-2019-6974, CVE-2018-17972, CVE-2018-9568)

2019-06-2708:45:01
www.ibm.com
10

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Summary

IBM QRadar Network Security is affected by Linux kernel vulnerabilities

Vulnerability Details

CVEID:CVE-2019-7221
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the way KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled… A local authenticated attacker could exploit this vulnerability to crash the host kernel and possibly gain privileged access to a system.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157079&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)

CVEID:CVE-2019-6974
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the improper handling of reference counting by kvm_ioctl_create_device in virt/kvm/kvm_main.c. A local authenticated attacker could exploit this vulnerability to trigger a use-after-free to crash the guest VM and possibly gain privileged access to a system.
CVSS Base Score: 7.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157074&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)

CVEID:CVE-2018-17972
DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by a flaw in the proc_pid_stack function in fs/proc/base.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to obtain kernel task stack contents.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150826&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2018-9568
DESCRIPTION: Google Android could allow a local attacker to gain elevated privileges on the system, caused by a type confusion flaw in the sk_clone_lock function in sock.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base Score: 8.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153889&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM QRadar Network Security 5.4.0

IBM QRadar Network Security 5.5.0

Remediation/Fixes

Product VRMF Remediation/First Fix
IBM QRadar Network Security 5.4.0 Install Firmware 5.4.0.8 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector.
Or
Download Firmware 5.4.0.8 from IBM Security License Key and Download Center and upload and install via the Available Updates page of the Local Management Interface.
IBM QRadar Network Security 5.5.0 Install Firmware 5.5.0.3 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector.
Or
Download Firmware 5.5.0.3 from IBM Security License Key and Download Center and upload and install via the Available Updates page of the Local Management Interface.

Related

nessus 72
virtuozzo 7
redhat 12
openvas 38
oraclelinux 10
centos 4
amazon 4
fedora 12
ubuntu 2
photon 4
ubuntucve 4
cve 4
veracode 4
debiancve 4
redhatcve 4
prion 4
f5 3
googleprojectzero 1
osv 2
zdt 1
suse 1
mageia 1
ibm 1
nessus
nessus
RHEL 7 : kernel (RHSA-2019:0818)
2019-04-24 00:00:00
Scientific Linux Security Update : kernel on SL7.x x86_64 (20190423)
2019-04-25 00:00:00
Virtuozzo 7 : readykernel-patch (VZA-2019-042)
2020-02-04 00:00:00
virtuozzo
virtuozzo
Important kernel security update: Virtuozzo ReadyKernel patch 80.0 for Virtuozzo 7.0.7 to 7.0.8
2019-06-03 00:00:00
Important kernel security update: Virtuozzo ReadyKernel patch 80.0 for Virtuozzo 7.0 Update 9 and Virtuozzo Infrastructure Platform 2.5
2019-05-30 00:00:00
Important kernel security update: Virtuozzo ReadyKernel patch 80.0 for Virtuozzo 7.0.6 and 7.0.6 HF3
2019-06-03 00:00:00
redhat
redhat
(RHSA-2019:0818) Important: kernel security and bug fix update
2019-04-23 12:36:39
(RHSA-2019:0833) Important: kernel-rt security and bug fix update
2019-04-23 12:42:49
(RHSA-2019:0514) Important: kernel-rt security and bug fix update
2019-03-12 16:33:04
openvas
openvas
CentOS Update for kernel CESA-2019:0818 centos7
2019-05-01 00:00:00
CentOS Update for kernel CESA-2019:0512 centos7
2019-03-21 00:00:00
Fedora Update for kernel-tools FEDORA-2019-164946aa7f
2019-05-07 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2019-04-23 00:00:00
kernel security, bug fix, and enhancement update
2019-03-13 00:00:00
Unbreakable Enterprise kernel security update
2019-03-12 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2019-04-30 12:00:45
bpftool, kernel, perf, python security update
2019-03-19 14:31:04
kernel, perf, python security update
2019-09-17 22:02:45
amazon
amazon
Important: kernel
2019-03-07 18:24:00
Important: kernel
2019-02-26 18:55:00
Important: kernel
2018-11-05 19:47:00
fedora
fedora
[SECURITY] Fedora 28 Update: kernel-tools-4.20.8-100.fc28
2019-02-16 01:25:12
[SECURITY] Fedora 29 Update: kernel-headers-4.20.8-200.fc29
2019-02-16 01:58:04
[SECURITY] Fedora 29 Update: kernel-tools-4.20.8-200.fc29
2019-02-16 01:58:04
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2019-02-04 00:00:00
Linux kernel vulnerabilities
2019-02-04 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0142
2019-03-19 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0221
2019-04-01 00:00:00
Critical Photon OS Security Update - PHSA-2019-0221
2019-04-01 00:00:00
ubuntucve
ubuntucve
CVE-2018-9568
2018-12-06 00:00:00
CVE-2018-17972
2018-10-03 00:00:00
CVE-2019-7221
2019-03-21 00:00:00
cve
cve
CVE-2018-9568
2018-12-06 14:29:00
CVE-2018-17972
2018-10-03 22:29:00
CVE-2019-7221
2019-03-21 16:01:00
veracode
veracode
Privilege Escalation
2019-05-16 03:58:18
Information Disclosure
2019-05-16 03:58:18
User-After-Free
2019-05-16 03:59:55
debiancve
debiancve
CVE-2018-9568
2018-12-06 14:29:00
CVE-2018-17972
2018-10-03 22:29:00
CVE-2019-7221
2019-03-21 16:01:00
redhatcve
redhatcve
CVE-2018-17972
2020-04-08 22:15:56
CVE-2018-9568
2020-04-06 23:05:01
CVE-2019-7221
2019-02-07 18:50:31
prion
prion
Stack overflow
2018-10-03 22:29:00
Type confusion
2018-12-06 14:29:00
Double free
2019-03-21 16:01:00
f5
f5
K27673650 : Linux kernel vulnerability CVE-2018-17972
2019-02-12 00:00:00
K08413011 : Linux kernel vulnerability CVE-2019-7221
2019-06-14 00:00:00
Linux kernel KVM subsystem vulnerability CVE-2019-6974
2019-04-19 16:32:00
googleprojectzero
googleprojectzero
Mitigations are attack surface, too
2020-02-12 00:00:00
osv
osv
CVE-2019-7221
2019-03-21 16:01:10
CVE-2019-6974
2019-02-15 15:29:00
zdt
zdt
Linux - kvm_ioctl_create_device() NULL Pointer Dereference Exploit
2019-02-17 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2019-02-18 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2019-02-21 02:50:36
ibm
ibm
Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities
2020-10-28 17:16:55

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for B21E322EBFC512ECDC98906E22E800594BBF803083C0BFA068CC6E0D3D1145F7
nessus72virtuozzo7redhat12openvas38oraclelinux10centos4amazon4fedora12ubuntu2photon4ubuntucve4cve4veracode4debiancve4redhatcve4prion4f53googleprojectzero1osv2zdt1suse1mageia1ibm1