Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.

NIOS DNS DHCP IPAM

Reply

CVE-2019-11477
ÅNordin_1
Techie
Posts: 4

‎06-20-2019 07:31 AM

5830     0

Hi,

 

There are good reasons to believe that NIOS, being built on Linux, is susceptible to among others CVE-2019-11477, the selective ACK kernel panic vulnerability recently disclosed by Netflix. I got the mail today about KB 2899: security alerts being recently updated, but nothing about this SACK panic "feature".

- Anyone got any news on this?
- Anyone tested an appliance against it?

 

Netflix advisory: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

RedHat advisory: https://access.redhat.com/security/vulnerabilities/tcpsack

 

BR,

 

Reply
0 Kudos

Re: CVE-2019-11477
MAdkins
Expert
Posts: 65

‎06-20-2019 10:17 AM

5830     0

KB 10615 posted yesterday for NIOS 8.4.0-8.4.3.  Hotfix available for 8.4.3.

https://support.infoblox.com/app/answers/detail/a_id/10615

Reply
0 Kudos

Re: CVE-2019-11477

[ Edited ]
ÅNordin_1
Techie
Posts: 4

‎06-20-2019 12:08 PM - edited ‎06-20-2019 12:08 PM

5830     0

No cookie. That hotfix addresses CVE-2019-6471, not CVE-2019-11477.

 

BR,

 

 

Reply
0 Kudos

Re: CVE-2019-11477
MAdkins
Expert
Posts: 65

‎06-20-2019 01:37 PM

5830     0

Sorry, I read it too fast... yesterday I heard from someone on the NetMRI team that NetMRI is not affected and that a KB would be posted today, as soon as the NIOS one was posted.   So expect it soon.

Reply
0 Kudos

Re: CVE-2019-11477
ÅNordin_1
Techie
Posts: 4

‎06-22-2019 02:57 PM

5830     0

The vulnerability notice, with associated hotfix and instruction, was made available some 20 hours ago: https://support.infoblox.com/app/answers/detail/a_id/10622

 

Reply
0 Kudos

Re: CVE-2019-11477
ssk_fredrik
Member
Posts: 1

‎06-26-2019 04:02 AM

5830     0

Hi,

 

applied this hotfix on a test Grid, worked fine.

No affect on DNS Service at all

 

Thanks,

Fredrik

Reply
0 Kudos

Re: CVE-2019-11477
ÅNordin_1
Techie
Posts: 4

‎06-28-2019 02:04 AM

5830     0

Thank you. Good to know it was a smooth process.

 

Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Latest Annoucements

Infoblox Experts Community

You have reached the maximum number of topics allowed as a visitor. Please Login or Join the community to continue to read.

Join for free

TOPICS REMAINING

Register for unlimited browsing. Registration is FREE.

Join Community