High Severity

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477)

Share this post:

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to security vulnerability. The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel’s networking subsystem processed TCP Selective Acknowledgment (SACK) segments. Also, excessive resource consumption (while processing SACK blocks or for TCP connections with low MSS) allows remote denial of service.

Affected product(s) and affected version(s):

AffectedProduct(s) Version(s)
IBM Security Identity Governance and Intelligence 5.2.4
IBM Security Identity Governance and Intelligence 5.2.5.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1284760

More stories

Security Bulletin: Log Analysis is vulnerable to Injection Attacks

Apr 6, 2020 8:00 pm EDT | High Severity

Operating system commands can be included in user input as parameters and be executed on the system which lead to injection attacks. ...read more


Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability

Apr 3, 2020 8:00 pm EDT | High Severity

IBM Security Guardium has addressed the following vulnerabilities. ...read more


Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability

Apr 3, 2020 8:00 pm EDT | High Severity

IBM Security Guardium has fixed this vulnerability ...read more