IBM BladeCenter Advanced Management Module (AMM) has addressed the following Linux kernel vulnerability.
CVEID:CVE-2019-11477
**DESCRIPTION:**Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/162662 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Product(s)
|
Version
β|β
IBM BladeCenter Advanced Management Module (AMM)
|
bpet
IBM BladeCenter T Advanced Management Module (AMM)
|
bbet
Firmware fix versions are available on Fix Central: http://www.ibm.com/support/fixcentral/
Product(s)
|
Fixed Version
β|β
IBM BladeCenter Advanced Management Module (AMM)
(ibm_fw_amm_bpet68m-3.68m_anyos_noarch)
|
bpet68m-3.68m
IBM BladeCenter T Advanced Management Module (AMM)
(ibm_fw_amm_bbet68m-3.68m_anyos_noarch)
|
bbet68m-3.68m
None