Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.0342
Security Bulletin: IBM has announced releases for IBM Security Identity
Governance and Intelligence in response to security vulnerabilities
30 January 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: IBM Security Identity Governance and Intelligence
Publisher: IBM
Operating System: Network Appliance
Impact/Access: Access Privileged Data -- Existing Account
Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2019-11479 CVE-2019-11478 CVE-2019-11477
CVE-2019-3815 CVE-2018-16864 CVE-2018-15473
CVE-2018-12404 CVE-2018-11214 CVE-2018-11213
CVE-2018-11212
Reference: ASB-2020.0017
ASB-2019.0178.2
ESB-2020.0314
ESB-2020.0266
Original Bulletin:
https://www.ibm.com/support/pages/node/1284784
https://www.ibm.com/support/pages/node/1284778
https://www.ibm.com/support/pages/node/1284772
https://www.ibm.com/support/pages/node/1284760
https://www.ibm.com/support/pages/node/1284766
Comment: This bulletin contains five (5) IBM security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
IBM has announced a release for IBM Security Identity Governance and
Intelligence in response to security vulnerability (CVE-2018-11214,
CVE-2018-11213, CVE-2018-11212)
Security Bulletin
Summary
IBM has announced a release for IBM Security Identity Governance and
Intelligence (IGI) in response to security vulnerability. The libjpeg-turbo
packages contain a library of functions for manipulating JPEG images. They also
contain simple client programs for accessing the libjpeg functions. These
packages provide the same functionality and API as libjpeg but with better
performance. Issues were discovered in libjpeg 9a library.
Vulnerability Details
CVEID: CVE-2018-11214
DESCRIPTION: An issue was discovered in libjpeg 9a. The get_text_rgb_row
function in rdppm.c allows remote attackers to cause a denial of service
(Segmentation fault) via a crafted file.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
143427 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2018-11213
DESCRIPTION: An issue was discovered in libjpeg 9a. The get_text_gray_row
function in rdppm.c allows remote attackers to cause a denial of service
(Segmentation fault) via a crafted file.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
143428 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2018-11212
DESCRIPTION: An issue was discovered in libjpeg 9a. The alloc_sarray function
in jmemmgr.c allows remote attackers to cause a denial of service
(divide-by-zero error) via a crafted file.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
143429 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
Affected Products and Versions
+-------------------------------------------------+----------+
|Affected Product(s) |Version(s)|
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.4 |
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.5 |
+-------------------------------------------------+----------+
Remediation/Fixes
+-------------------------------------------+---------+-----------------------+
|Affected Product(s) |Version |First Fix |
| |(s) | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
- --------------------------------------------------------------------------------
IBM has announced a release for IBM Security Identity Governance and
Intelligence in response to security vulnerability (CVE-2018-12404)
Security Bulletin
Summary
IBM has announced a release for IBM Security Identity Governance and
Intelligence (IGI) in response to security vulnerability. A cached side channel
attack during handshakes using RSA encryption could allow for the decryption of
encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack
(AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.
Vulnerability Details
CVEID: CVE-2018-12404
DESCRIPTION: A cached side channel attack during handshakes using RSA
encryption could allow for the decryption of encrypted content. This is a
variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack)
and affects all NSS versions prior to NSS 3.41.
CVSS Base score: 5.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
155087 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
+-------------------------------------------------+----------+
|Affected Product(s) |Version(s)|
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.4 |
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.5 |
+-------------------------------------------------+----------+
Remediation/Fixes
+-------------------------------------------+---------+-----------------------+
|Affected Product(s) |Version |First Fix |
| |(s) | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
- --------------------------------------------------------------------------------
IBM has announced a release for IBM Security Identity Governance and
Intelligence in response to security vulnerability (CVE-2018-15473)
Security Bulletin
Summary
IBM has announced a release for IBM Security Identity Governance and
Intelligence (IGI) in response to security vulnerability. OpenSSH through 7.7
is prone to a user enumeration vulnerability due to not delaying bailout for an
invalid authenticating user until after the packet containing the request has
been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and
auth2-pubkey.c.
Vulnerability Details
CVEID: CVE-2018-15473
DESCRIPTION: OpenSSH through 7.7 is prone to a user enumeration vulnerability
due to not delaying bailout for an invalid authenticating user until after the
packet containing the request has been fully parsed, related to auth2-gss.c,
auth2-hostbased.c, and auth2-pubkey.c.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
148397 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
+-------------------------------------------------+----------+
|Affected Product(s) |Version(s)|
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.4 |
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.5 |
+-------------------------------------------------+----------+
Remediation/Fixes
+-------------------------------------------+---------+-----------------------+
|Affected Product(s) |Version |First Fix |
| |(s) | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
- --------------------------------------------------------------------------------
IBM has announced a release for IBM Security Identity Governance and
Intelligence in response to security vulnerability (CVE-2019-11479,
CVE-2019-11478, CVE-2019-11477)
Security Bulletin
Summary
IBM has announced a release for IBM Security Identity Governance and
Intelligence (IGI) in response to security vulnerability. The kernel packages
contain the Linux kernel, the core of any Linux operating system. An integer
overflow flaw was found in the way the Linux kernel's networking subsystem
processed TCP Selective Acknowledgment (SACK) segments. Also, excessive
resource consumption (while processing SACK blocks or for TCP connections with
low MSS) allows remote denial of service.
Vulnerability Details
CVEID: CVE-2019-11479
DESCRIPTION: Jonathan Looney discovered that the Linux kernel default MSS is
hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues
significantly more than if a larger MSS were enforced. A remote attacker could
use this to cause a denial of service. This has been fixed in stable kernel
releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits
967c05aee439e6e5d7d805e195b3a20ef5c433d6 and
5f3e2bf008c2221478101ee72f5cb4654b9fc363.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
162665 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-11478
DESCRIPTION: Jonathan Looney discovered that the TCP retransmission queue
implementation in tcp_fragment in the Linux kernel could be fragmented when
handling certain TCP Selective Acknowledgment (SACK) sequences. A remote
attacker could use this to cause a denial of service. This has been fixed in
stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is
fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
162664 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-11477
DESCRIPTION: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs
value was subject to an integer overflow in the Linux kernel when handling TCP
Selective Acknowledgments (SACKs). A remote attacker could use this to cause a
denial of service. This has been fixed in stable kernel releases 4.4.182,
4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit
3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
162662 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
+-------------------------------------------------+----------+
|AffectedProduct (s) |Version(s)|
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.4 |
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.5.1 |
+-------------------------------------------------+----------+
Remediation/Fixes
+-------------------------------------------+---------+-----------------------+
|Affected Product(s) |Version |First Fix |
| |(s) | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
- --------------------------------------------------------------------------------
IBM has announced a release for IBM Security Identity Governance and
Intelligence in response to security vulnerability (CVE-2019-3815)
Security Bulletin
Summary
IBM has announced a release for IBM Security Identity Governance and
Intelligence (IGI) in response to security vulnerability. The systemd packages
contain systemd, a system and service manager for Linux, compatible with the
SysV and LSB init scripts. A memory leak was discovered in the backport of
fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function
dispatch_message_real() in journald-server.c does not free the memory allocated
by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may
use this flaw to make systemd-journald crash.
Vulnerability Details
CVEID: CVE-2019-3815
DESCRIPTION: A memory leak was discovered in the backport of fixes for
CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in
journald-server.c does not free the memory allocated by set_iovec_field_free()
to store the `_CMDLINE=` entry. A local attacker may use this flaw to make
systemd-journald crash. This issue only affects versions shipped with Red Hat
Enterprise since v219-62.2.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
156227 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Products and Versions
+-------------------------------------------------+----------+
|Affected Product(s) |Version(s)|
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.4 |
+-------------------------------------------------+----------+
|IBM Security Identity Governance and Intelligence|5.2.5 |
+-------------------------------------------------+----------+
Remediation/Fixes
+-------------------------------------------+---------+-----------------------+
|Affected Product(s) |Version |First Fix |
| |(s) | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.4 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
|IBM Security Identity Governance and |5.2.5 |5.2.6.0-ISS-SIGI-FP0000|
|Intelligence | | |
+-------------------------------------------+---------+-----------------------+
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
References
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXjJUDmaOgq3Tt24GAQjAcg/9FaBpv0f8RcvTIiQi3eOfY6ARKKV9Q0+x
7nW/N3EOJYlwv3O1Ky/o0ASwzV5dnw+idduxfkqYZKIlLmKqa+h/SFbzORYj+81L
2C5zOiIGwERRBAS/hu74qjCQ9tXEeyZc7d2vrgi9l58J+FtNxakmYJcJ1to/XcSO
e8PthXRp0lMQ0EKy68zH32cNGy72cumf8642EKqG/9z/Mt6iLzA3m5LxcMa9TTx6
Pvamuclp51VJyo/LQWRrKN2sHuxKxmhVb8Bsla2YbrvDyBk8QPCMClN9q+ElshkD
+QNOmM8TrnYX7zb/on+k4EnnTgwaWUOWwuIy1YGVwOJdfldsgZJKY8llRash6517
n70xRrQkxK6Y1EkDubadW7kzb0syU3tnsGQ7fMXApsGVAhdLjFOviu0ZZPi7sKV0
sLULncZqCNRme5bRIgFjJgGP/Xt2a69IoSUonZXLLpDK4mx4t5SPWroKDBjnmsk2
Zmqt6LoW77UqKrs8cqaCmWjcgfHnyiXE0o+UQgGsFyNQr9bgxKRbJxDJ2COIFZ1M
PSAOWVJtIu99Rwyn4MQ/UKIWw4U3WZr9espDqN6oh0oD0ysVvvTclrdavhIbPggh
AVy63gZ8M8Y9coYgtA44dP47OMtofuI5RwWWJOV4eztU0o3CP7rZP382X0M9AaBG
ogylVoieig0=
=2W7P
-----END PGP SIGNATURE-----