IBM577E6752CB94DC8755F2E4A38D9BA5117DD396F8C762252ACA978966E42D7766Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability
0.001 Low
EPSS
Percentile
41.2%
Summary
IBM Security Guardium has fixed this vulnerability
Vulnerability Details
CVEID:CVE-2019-3846
**DESCRIPTION:**Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the mwifiex_update_bss_desc_with_ie function in drivers/net/wireless/marvell/mwifiex/scan.c. By sending specially-crafted beacon packets, a remote attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/161814 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Guardium | 10.5 |
| IBM Security Guardium | 10.6 |
| IBM Security Guardium | 11.0 |
| IBM Security Guardium | 11.1 |
Remediation/Fixes
| Product | Version | Fix |
|---|---|---|
| IBM Security Guardium | 10.5 |
IBM Security Guardium| 10.6| https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Sec…
IBM Security Guardium| 11.0| http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Secur…
IBM Security Guardium| 11.1| | |
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Secur…
—|—
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security guardium | eq | 10.5 | |
| ibm security guardium | eq | 10.6 | |
| ibm security guardium | eq | 11.0 | |
| ibm security guardium | eq | 11.1 |
Related
0.001 Low
EPSS
Percentile
41.2%