Lucene search
IBM4C8CA1383C163507ED1B7874FEE70E6DCE4EDA7CBB08F7BF310F30881A0E0070HistoryFeb 09, 2021 - 9:53 a.m.
Security Bulletin: Vulnerability in psutil affects IBM Spectrum Protect Plus backup and restore of Db2 and MongoDB databases (CVE-2019-18874)
2021-02-0909:53:06
www.ibm.com
9
0.003 Low
EPSS
Percentile
70.5%
Summary
Denial of service vulnerability in psutil may affect IBM Spectrum Protect Plus backup and restore of Db2 and MongoDB databases.
Vulnerability Details
CVEID:CVE-2019-18874
**DESCRIPTION:**psutil is vulnerable to a denial of service, caused by a double free. By using specially-crafted data, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171612 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Spectrum Protect Plus Db2 database backup and restore | |
| 10.1.2-10.1.7 | |
| IBM Spectrum Protect Plus MongoDB database backup and restore | 10.1.3-10.1.7 |
Remediation/Fixes
| IBM Spectrum Protect Plus Release | First Fixing VRM Level | Platform | Link to Fix |
|---|---|---|---|
| 10.1 | 10.1.7 ifix2 | ||
| (10.1.7.2) | |||
| AIX | |||
| Linux | https://www.ibm.com/support/pages/node/6330495 |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm spectrum protect plus | eq | 10.1 |
Related
alpinelinux
alpinelinux
CVE-2019-18874
2019-11-12 02:15:10
cbl_mariner
cbl_mariner
CVE-2019-18874 affecting package python-psutil 5.6.3-4
2021-08-11 06:39:26
osv
osv
CVE-2019-18874
2019-11-12 02:15:10
PYSEC-2019-41
2019-11-12 02:15:00
Double Free in psutil
2020-03-12 17:02:50
openvas
openvas
Mageia: Security Advisory (MGASA-2019-0370)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-1998-1)
2019-11-26 00:00:00
Ubuntu: Security Advisory (USN-4204-1)
2019-11-29 00:00:00
nvd
nvd
CVE-2019-18874
2019-11-12 02:15:10
fedora
fedora
[SECURITY] Fedora 31 Update: python-psutil-5.6.7-1.fc31
2020-03-11 22:46:54
[SECURITY] Fedora 30 Update: python-psutil-5.6.7-1.fc30
2020-02-25 14:39:38
redhatcve
redhatcve
CVE-2019-18874
2019-11-13 13:08:07
ubuntucve
ubuntucve
CVE-2019-18874
2019-11-12 00:00:00
debiancve
debiancve
CVE-2019-18874
2019-11-12 02:15:10
redhat
redhat
mageia
mageia
Updated python-psutil packages fix security vulnerability
2019-12-06 17:15:42
rocky
rocky
python-psutil security update
2021-11-09 09:01:04
python38:3.8 and python38-devel:3.8 security update
2021-11-09 12:47:54
freebsd
freebsd
py-psutil -- double free vulnerability
2019-11-12 00:00:00
cvelist
cvelist
CVE-2019-18874
2019-11-12 01:30:29
cve
cve
CVE-2019-18874
2019-11-12 02:15:10
nessus
nessus
RHEL 7 : OpenShift Container Platform 4.3.26 python-psutil (RHSA-2020:2635)
2020-06-24 00:00:00
AlmaLinux 8 : python-psutil (ALSA-2021:4324)
2022-02-09 00:00:00
oraclelinux
oraclelinux
python-psutil security update
2021-11-16 00:00:00
python38:3.8 and python38-devel:3.8 security update
2021-11-16 00:00:00
ibm
ibm
Security Bulletin: Security vulnerability affects IBM Cloud Object Storage SDK Python (January 2020 Bulletin)
2020-01-17 16:59:43
altlinux
altlinux
github
github
Double Free in psutil
2020-03-12 17:02:50
ubuntu
ubuntu
psutil vulnerability
2019-11-28 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-11-13 03:53:48
prion
prion
Double free
2019-11-12 02:15:00
debian
debian
[SECURITY] [DLA 1998-1] python-psutil security update
2019-11-18 18:55:02
almalinux
almalinux
Moderate: python-psutil security update
2021-11-09 09:01:04
Moderate: python38:3.8 and python38-devel:3.8 security update
2021-11-09 12:47:54
0.003 Low
EPSS
Percentile
70.5%
Related for 4C8CA1383C163507ED1B7874FEE70E6DCE4EDA7CBB08F7BF310F30881A0E0070