Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMED8A3D1B7861E9FADE2E56F3710C2F426BD0F046968D24A2807B0DBC778A1AA1
HistoryAug 10, 2020 - 3:57 p.m.

Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

2020-08-1015:57:19
www.ibm.com
24

EPSS

0.008

Percentile

81.7%

JSON

Summary

Kernel is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs

Vulnerability Details

CVEID:CVE-2019-18660
**DESCRIPTION:**Linux Kernel for PowerPC could allow a local authenticated attacker to obtain sensitive information, caused by the failure to activate the mitigation for Spectre-RSB on context switch. By using side channel attacks, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172297 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)

CVEID:CVE-2019-17666
**DESCRIPTION:**Linux Kernel is vulnerable to a buffer overflow, caused by improper bounds checking by the rtl_p2p_noa_ie function in drivers/net/wireless/realtek/rtlwifi/ps.c. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/169487 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-10711
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference while receiving CIPSO packet with null category in the SELinux subsystem. By sending a specially-crafted CIPSO packet, a remote attacker could exploit this vulnerability to the system to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/181809 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Netezza Host Management All IBM Netezza Host Management 5.4.9.0 - 5.4.27.0

Remediation/Fixes

To resolve the reported CVEs for Red Hat Enterprise Linux (RHEL) on following platforms :

PureData System for Analytics N3001
PureData System for Analytics N200x

Update to the following IBM Netezza Host Management release :

Product

|

VRMF

|

Remediation/Fix

—|—|—

IBM Netezza Host Management

|

5.4.28.0

|

Fix Central Link

The Netezza Host Management software contains the latest RHEL updates for the operating systems certified for use on IBM Netezza/PureData System for Analytics appliances. IBM recommends upgrading to the latest Netezza Host Management version to ensure that your hosts have the latest fixes, security changes, and operating system updates. IBM Support can assist you with planning for the Netezza Host Management and operating system upgrades to your appliances.

For more details on IBM Netezza Host Management security patching:

Workarounds and Mitigations

None

Related

cve 3
f5 3
symantec 2
nvd 3
debiancve 3
nessus 71
redhat 29
prion 3
redhatcve 3
veracode 2
ubuntucve 3
cvelist 3
openvas 20
fedora 6
osv 1
archlinux 4
oraclelinux 11
amazon 3
cbl_mariner 1
centos 3
mageia 3
ibm 2
threatpost 1
virtuozzo 3
photon 5
suse 2
ubuntu 6
cve
cve
CVE-2019-18660
2019-11-27 23:15:10
CVE-2019-17666
2019-10-17 02:15:13
CVE-2020-10711
2020-05-22 15:15:11
f5
f5
K15079139 : Linux kernel vulnerability CVE-2019-18660
2022-05-20 00:00:00
K56851402 : Linux kernel vulnerability CVE-2019-17666
2020-09-11 00:00:00
K02354867 : Kernel vulnerability CVE-2020-10711
2020-09-22 00:00:00
symantec
symantec
Linux Kernel CVE-2019-18660 Side Channel Attack Information Disclosure Vulnerability
2019-11-27 00:00:00
Linux Kernel CVE-2019-17666 Buffer Overflow Vulnerability
2019-10-16 00:00:00
nvd
nvd
CVE-2019-18660
2019-11-27 23:15:10
CVE-2019-17666
2019-10-17 02:15:13
CVE-2020-10711
2020-05-22 15:15:11
debiancve
debiancve
CVE-2019-18660
2019-11-27 23:15:10
CVE-2019-17666
2019-10-17 02:15:13
CVE-2020-10711
2020-05-22 15:15:11
nessus
nessus
RHEL 7 : kernel (RHSA-2020:1984)
2020-04-30 00:00:00
RHEL 8 : kernel (RHSA-2020:2429)
2020-06-09 00:00:00
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20200715)
2020-07-16 00:00:00
redhat
redhat
(RHSA-2020:2429) Important: kernel security and bug fix update
2020-06-09 18:18:09
(RHSA-2020:1984) Moderate: kernel security and bug fix update
2020-04-30 12:36:29
(RHSA-2020:2933) Moderate: kernel security and bug fix update
2020-07-15 06:54:14
prion
prion
Design/Logic Flaw
2019-11-27 23:15:00
Buffer overflow
2019-10-17 02:15:00
Null pointer dereference
2020-05-22 15:15:00
redhatcve
redhatcve
CVE-2019-18660
2020-04-05 23:06:31
CVE-2019-17666
2019-10-21 11:20:57
CVE-2020-10711
2020-05-12 12:10:08
veracode
veracode
Information Disclosure
2020-06-10 05:02:48
Denial Of Service (DoS)
2020-05-13 03:30:31
ubuntucve
ubuntucve
CVE-2019-18660
2019-11-27 00:00:00
CVE-2019-17666
2019-10-17 00:00:00
CVE-2020-10711
2020-05-12 00:00:00
cvelist
cvelist
CVE-2019-18660
2019-11-27 22:11:42
CVE-2019-17666
2019-10-17 01:47:59
CVE-2020-10711
2020-05-22 14:09:46
openvas
openvas
Mageia: Security Advisory (MGASA-2019-0306)
2022-01-28 00:00:00
Fedora Update for kernel FEDORA-2019-6a67ff8793
2020-01-09 00:00:00
Fedora Update for kernel-tools FEDORA-2019-6a67ff8793
2020-01-09 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: kernel-tools-5.3.7-300.fc31
2019-10-24 17:10:10
[SECURITY] Fedora 31 Update: kernel-5.3.7-301.fc31
2019-10-24 17:10:09
[SECURITY] Fedora 32 Update: kernel-5.6.13-300.fc32
2020-05-20 03:22:33
osv
osv
CVE-2020-10711
2020-05-22 15:15:11
archlinux
archlinux
[ASA-201911-10] linux: arbitrary code execution
2019-11-13 00:00:00
[ASA-201911-12] linux-zen: arbitrary code execution
2019-11-13 00:00:00
[ASA-201911-9] linux-hardened: arbitrary code execution
2019-11-07 00:00:00
oraclelinux
oraclelinux
kernel security update
2020-05-13 00:00:00
kernel security and bug fix update
2020-07-17 00:00:00
kernel security update
2020-04-23 00:00:00
amazon
amazon
Important: kernel
2020-05-11 20:37:00
Important: kernel
2020-06-23 06:02:00
Important: kernel
2020-05-11 20:43:00
cbl_mariner
cbl_mariner
CVE-2020-10711 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
centos
centos
kernel, perf, python security update
2020-05-21 14:25:29
kernel, perf, python security update
2020-04-28 00:28:59
bpftool, kernel, perf, python security update
2020-03-18 19:22:23
mageia
mageia
Updated kernel packages fix security vulnerabilities
2019-10-29 17:54:30
Updated kernel packages fix security vulnerability
2020-05-24 21:04:47
Updated kernel-linus packages fix security vulnerabilities
2020-05-24 21:04:47
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability
2020-10-19 17:20:51
Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities
2020-10-28 17:16:55
threatpost
threatpost
Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise
2019-10-18 15:55:37
virtuozzo
virtuozzo
Important kernel security update: New kernel 2.6.32-042stab144.1; Virtuozzo 6.0 Update 12 Hotfix 51 (6.0.12-3757)
2020-05-21 00:00:00
Important kernel security update: New kernel 2.6.32-042stab144.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2020-05-21 00:00:00
Important kernel security update: Virtuozzo ReadyKernel patch 110.0 for Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0 and Virtuozzo Hybrid Infrastructure 3.5
2020-07-06 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2020-0089
2020-05-13 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0293
2020-05-12 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0242
2020-05-13 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2019-10-27 00:00:00
Security update for the Linux Kernel (important)
2019-11-05 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2020-07-06 00:00:00
Linux kernel vulnerabilities
2020-07-06 00:00:00
Linux kernel vulnerabilities
2020-07-02 00:00:00

EPSS

0.008

Percentile

81.7%

JSON
Related for ED8A3D1B7861E9FADE2E56F3710C2F426BD0F046968D24A2807B0DBC778A1AA1
cve3f53symantec2nvd3debiancve3nessus71redhat29prion3redhatcve3veracode2ubuntucve3cvelist3openvas20fedora6osv1archlinux4oraclelinux11amazon3cbl_mariner1centos3mageia3ibm2threatpost1virtuozzo3photon5suse2ubuntu6