← back
CVE-2018-1426

CVE-2018-1426

CVSS 7.4 HIGHEPSS 2.5%
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. IBM X-Force ID: 139071.
CVSS:3.0/A:N/AC:H/AV:N/C:H/I:H/PR:N/S:U/UI:N
Affected products
IBM · DB2 for Linux, UNIX and Windows

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/139071http://www.ibm.com/support/docview.wss?uid=swg22013756http://www.securityfocus.com/bid/105580http://www.securitytracker.com/id/1041012