Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2020.0342 Security Bulletin: IBM has announced releases for IBM Security Identity Governance and Intelligence in response to security vulnerabilities 30 January 2020 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: IBM Security Identity Governance and Intelligence Publisher: IBM Operating System: Network Appliance Impact/Access: Access Privileged Data -- Existing Account Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2019-11479 CVE-2019-11478 CVE-2019-11477 CVE-2019-3815 CVE-2018-16864 CVE-2018-15473 CVE-2018-12404 CVE-2018-11214 CVE-2018-11213 CVE-2018-11212 Reference: ASB-2020.0017 ASB-2019.0178.2 ESB-2020.0314 ESB-2020.0266 Original Bulletin: https://www.ibm.com/support/pages/node/1284784 https://www.ibm.com/support/pages/node/1284778 https://www.ibm.com/support/pages/node/1284772 https://www.ibm.com/support/pages/node/1284760 https://www.ibm.com/support/pages/node/1284766 Comment: This bulletin contains five (5) IBM security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-11214, CVE-2018-11213, CVE-2018-11212) Security Bulletin Summary IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Issues were discovered in libjpeg 9a library. Vulnerability Details CVEID: CVE-2018-11214 DESCRIPTION: An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. CVSS Base score: 3.3 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 143427 for the current score. CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) CVEID: CVE-2018-11213 DESCRIPTION: An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. CVSS Base score: 3.3 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 143428 for the current score. CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) CVEID: CVE-2018-11212 DESCRIPTION: An issue was discovered in libjpeg 9a. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. CVSS Base score: 3.3 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 143429 for the current score. CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) Affected Products and Versions +-------------------------------------------------+----------+ |Affected Product(s) |Version(s)| +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.4 | +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.5 | +-------------------------------------------------+----------+ Remediation/Fixes +-------------------------------------------+---------+-----------------------+ |Affected Product(s) |Version |First Fix | | |(s) | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ Workarounds and Mitigations None Get Notified about Future Security Bulletins References - -------------------------------------------------------------------------------- IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-12404) Security Bulletin Summary IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41. Vulnerability Details CVEID: CVE-2018-12404 DESCRIPTION: A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41. CVSS Base score: 5.1 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 155087 for the current score. CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) Affected Products and Versions +-------------------------------------------------+----------+ |Affected Product(s) |Version(s)| +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.4 | +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.5 | +-------------------------------------------------+----------+ Remediation/Fixes +-------------------------------------------+---------+-----------------------+ |Affected Product(s) |Version |First Fix | | |(s) | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ Workarounds and Mitigations None Get Notified about Future Security Bulletins References - -------------------------------------------------------------------------------- IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-15473) Security Bulletin Summary IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. Vulnerability Details CVEID: CVE-2018-15473 DESCRIPTION: OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. CVSS Base score: 5.3 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 148397 for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) Affected Products and Versions +-------------------------------------------------+----------+ |Affected Product(s) |Version(s)| +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.4 | +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.5 | +-------------------------------------------------+----------+ Remediation/Fixes +-------------------------------------------+---------+-----------------------+ |Affected Product(s) |Version |First Fix | | |(s) | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ Workarounds and Mitigations None Get Notified about Future Security Bulletins References - -------------------------------------------------------------------------------- IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477) Security Bulletin Summary IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. Also, excessive resource consumption (while processing SACK blocks or for TCP connections with low MSS) allows remote denial of service. Vulnerability Details CVEID: CVE-2019-11479 DESCRIPTION: Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363. CVSS Base score: 7.5 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 162665 for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVEID: CVE-2019-11478 DESCRIPTION: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e. CVSS Base score: 7.5 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 162664 for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVEID: CVE-2019-11477 DESCRIPTION: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. CVSS Base score: 7.5 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 162662 for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Affected Products and Versions +-------------------------------------------------+----------+ |AffectedProduct (s) |Version(s)| +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.4 | +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.5.1 | +-------------------------------------------------+----------+ Remediation/Fixes +-------------------------------------------+---------+-----------------------+ |Affected Product(s) |Version |First Fix | | |(s) | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ Workarounds and Mitigations None Get Notified about Future Security Bulletins References - -------------------------------------------------------------------------------- IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2019-3815) Security Bulletin Summary IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-journald crash. Vulnerability Details CVEID: CVE-2019-3815 DESCRIPTION: A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-journald crash. This issue only affects versions shipped with Red Hat Enterprise since v219-62.2. CVSS Base score: 4 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 156227 for the current score. CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) Affected Products and Versions +-------------------------------------------------+----------+ |Affected Product(s) |Version(s)| +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.4 | +-------------------------------------------------+----------+ |IBM Security Identity Governance and Intelligence|5.2.5 | +-------------------------------------------------+----------+ Remediation/Fixes +-------------------------------------------+---------+-----------------------+ |Affected Product(s) |Version |First Fix | | |(s) | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ |IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000| |Intelligence | | | +-------------------------------------------+---------+-----------------------+ Workarounds and Mitigations None Get Notified about Future Security Bulletins References - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXjJUDmaOgq3Tt24GAQjAcg/9FaBpv0f8RcvTIiQi3eOfY6ARKKV9Q0+x 7nW/N3EOJYlwv3O1Ky/o0ASwzV5dnw+idduxfkqYZKIlLmKqa+h/SFbzORYj+81L 2C5zOiIGwERRBAS/hu74qjCQ9tXEeyZc7d2vrgi9l58J+FtNxakmYJcJ1to/XcSO e8PthXRp0lMQ0EKy68zH32cNGy72cumf8642EKqG/9z/Mt6iLzA3m5LxcMa9TTx6 Pvamuclp51VJyo/LQWRrKN2sHuxKxmhVb8Bsla2YbrvDyBk8QPCMClN9q+ElshkD +QNOmM8TrnYX7zb/on+k4EnnTgwaWUOWwuIy1YGVwOJdfldsgZJKY8llRash6517 n70xRrQkxK6Y1EkDubadW7kzb0syU3tnsGQ7fMXApsGVAhdLjFOviu0ZZPi7sKV0 sLULncZqCNRme5bRIgFjJgGP/Xt2a69IoSUonZXLLpDK4mx4t5SPWroKDBjnmsk2 Zmqt6LoW77UqKrs8cqaCmWjcgfHnyiXE0o+UQgGsFyNQr9bgxKRbJxDJ2COIFZ1M PSAOWVJtIu99Rwyn4MQ/UKIWw4U3WZr9espDqN6oh0oD0ysVvvTclrdavhIbPggh AVy63gZ8M8Y9coYgtA44dP47OMtofuI5RwWWJOV4eztU0o3CP7rZP382X0M9AaBG ogylVoieig0= =2W7P -----END PGP SIGNATURE-----