Linux Kernel Vulnerabilities May-June 2019

SYMSA1492
Last Updated January 27, 2020
Initial Publication Date September 05, 2019
Copy Article Title/URL
Feedback
Subscribe
  • Status: Open
  • Severity: High
  • CVSS Base Score: 8.1

Symantec Network Protection products using affected versions of the Linux kernel are susceptible to multiple vulnerabilities. A remote attacker can cause denial of service through resource exhaustion and memory corruption. A local attacker can escalate their privileges on the system.

Content Analysis (CA)
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 2.3 Not available at this time
2.4 Not available at this time

 

Director
CVE Supported Version(s) Remediation
CVE-2019-11478, CVE-2019-11479 6.1 Not available at this time

 

Mail Threat Defense (MTD)
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 1.1 Not available at this time

 

Malware Analysis (MA)
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 4.2 Upgrade to a version of Content Analysis with fixes.

 

Management Center (MC)
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 2.2 and later Not available at this time

 

PacketShaper (PS) S-Series
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 11.6 Not available at this time
11.9 Not available at this time
11.10 Not available at this time

 

PolicyCenter (PC) S-Series
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 1.1 Not available at this time

 

Reporter
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 10.3 Not available at this time
10.4 Not available at this time

 

Security Analytics (SA)
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 7.2 Not available at this time
7.3 Not available at this time
8.0 Not available at this time

 

SSL Visibility (SSLV)
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 3.10 Not available at this time
3.12 Not available at this time
4.4 Not available at this time
4.5 Not available at this time
5.0 Not available at this time

 

Web Isolation (WI)
CVE Supported Version(s) Remediation
CVE-2019-11477, CVE-2019-11478,
CVE-2019-11479		 1.12 Upgrade to 1.12.21+433.
1.13 and later Not vulnerable, fixed.

 

X-Series XOS
CVE Supported Version(s) Remediation
CVE-2019-11477 10.0 Not vulnerable
11.0 Not available at this time
CVE-2019-11478, CVE-2019-11479 10.0, 11.0 Not available at this time
CVE-2019-11815 10.0, 11.0 Under investigation

 

The following products are not vulnerable:
Advanced Secure Gateway
AuthConnector
BCAAA
CacheFlow (CF)
Cloud Data Protection (CDP) for Salesforce
Cloud Data Protection (CDP) for ServiceNow
Cloud Data Protection (CDP) for Oracle CRM on Demand
Cloud Data Protection (CDP) Communication Server
Cloud Data Protection (CDP) Integration Server
General Auth Connector Login Application
PacketShaper (PS)
PolicyCenter (PC)
ProxyAV
ProxyAV ConLog and ConLogXP
ProxySG
Symantec HSM Agent for the Luna SP
Unified Agent (UA)
WSS Agent (WSSA)
WSS Mobile Agent

CVE-2019-11815
Severity / CVSSv3 High / 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
References SecurityFocus: BID 108283 / NVD: CVE-2019-11815
Impact Denial of service, privilege escalation
Description A user-after-free flaw in the RDS over TCP implementation allows a remote attacker to corrupt the target's memory or a local attacker to escalate their privileges on the system.

 

CVE-2019-11477
Severity / CVSSv3 High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
References SecurityFocus: BID 108801 / NVD: CVE-2019-11477
Impact Denial of service
Description An integer overflow flag in TCP SACK processing allows a remote attacker to send crafted SACK segments on a TCP connection and cause denial of service through memory corruption.

 

CVE-2019-11478
Severity / CVSSv3 High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
References SecurityFocus: BID 108798 / NVD: CVE-2019-11478
Impact Denial of service
Description An excessive resource consumption flaw in TCP SACK processing allows a remote attacker to send crafted SACK segments on a TCP connection and cause denial of service.

 

CVE-2019-11479
Severity / CVSSv3 High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
References SecurityFocus: BID 108818 / NVD: CVE-2019-11479
Impact Denial of service
Description An excessive resource consumption flaw in TCP processing allows a remote attacker to send network traffic with low MSS on a TCP connection and cause denial of service.

 

[NFLX-2019-001] Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service vulnerabilities - https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

2020-01-26 MC 2.4 is vulnerable to CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479.
2020-01-19 A fix for Malware Analysis will not be provided. Please upgrade to a version of Content Analysis with the vulnerability fixes.
2019-10-07 WI 1.13 is not vulnerable.
2019-09-26 Advanced Secure Gateway (ASG) is not vulnerable.
2019-09-05 initial public release

Thanks for your feedback. Let us know if you have additional comments below. (requires login)

    © 1995-2020 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.