06-20-2019 07:31 AM
There are good reasons to believe that NIOS, being built on Linux, is susceptible to, among others, CVE-2019-11477, the selective ACK kernel panic vulnerability recently disclosed by Netflix. I got the mail today about KB 2899: security alerts being recently updated, but nothing about this SACK panic "feature".
- Anyone got any news on this?
- Anyone tested an appliance against it?
Netflix advisory: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
RedHat advisory: https://access.redhat.com/security/vulnerabilities/tcpsack
06-20-2019 10:17 AM
KB 10615 posted yesterday for NIOS 8.4.0-8.4.3. Hotfix available for 8.4.3.
Re: CVE-2019-11477
06-20-2019 12:08 PM - edited 06-20-2019 12:08 PM
No cookie. That hotfix addresses CVE-2019-6471, not CVE-2019-11477.
06-20-2019 01:37 PM
Sorry, I read it too fast... yesterday I heard from someone on the NetMRI team that NetMRI is not affected and that a KB would be posted today, as soon as the NIOS one was posted. So expect it soon.
06-22-2019 02:57 PM
The vulnerability notice, with associated hotfix and instruction, was made available some 20 hours ago: https://support.infoblox.com/app/answers/detail/a_id/10622
06-26-2019 04:02 AM
Applied this hotfix on a test Grid, worked fine.
No effect on DNS Service at all.
06-28-2019 02:04 AM
Thank you. Good to know it was a smooth process.