Lucene search

IBM475B1D5AA0EDB6A4A0012EA2C2D64B9388A6ACC5779414E8E1A98AC9B641F6AF

HistoryJun 22, 2018 - 2:26 a.m.

Security Bulletin: IBM Security Access Manager Appliance is affected by a kernel vulnerability (CVE-2017-5970)

2018-06-2202:26:47

www.ibm.com

0.008 Low

EPSS

Percentile

82.0%

JSON

Summary

IBM Security Access Manager Appliance has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2017-5970**
DESCRIPTION:** Linux kernel is vulnerable to a denial of service, caused by an error in the ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c. By using a specially-crafted application that makes malformed system calls or IPv4 traffic with invalid IP options, a remote attacker could exploit this vulnerability to cause system to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/122003 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

IBM Security Access Manager appliance, versions 9.0.3.0 - 9.0.4.0

Remediation/Fixes

Product

VRMF

APAR

Remediation

—|—|—|—
IBM Security Access Manager| 9.0.3.0-9.0.4.0| IJ03415| Upgrade to 9.0.5.0:
9.0.5-ISS-ISAM-FP0000

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security access managereq9.0.3
ibm security access managereq9.0.4

CPE	Name	Operator	Version
	ibm security access manager	eq	9.0.3
	ibm security access manager	eq	9.0.4

0.008 Low

EPSS

Percentile

82.0%

JSON

Related for 475B1D5AA0EDB6A4A0012EA2C2D64B9388A6ACC5779414E8E1A98AC9B641F6AF