CVE-2019-12265:

Overview

Remediation

• Apply the vendor-provided patch or firmware update that fixes the IGMPv3/IPNET memory leak (e.g., the Wind River IPNET urgent11 update). Verify patch applicability for your VxWorks version and install it on affected devices.
• If an official patch is not yet available, implement mitigations:
• Disable IGMPv3 or limit IGMPv3 functionality on devices where it is not required.
• Restrict IGMP traffic to trusted network segments and apply strict firewall/ACL rules to control multicast traffic.
• Segment networks to limit exposure of IGMP traffic to impacted devices.
• Monitor memory usage and enable relevant logging to detect unusual IGMP activity or memory growth.
• Validate remediation with testing in a controlled environment and recheck that the patch version is active on all affected systems.
• Maintain an inventory of affected devices and track vendor advisories for new updates or further mitigations.

References

• - Wind River Security: IPNET urgent11 advisory
• https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/
• - Wind River CVE view: CVE-2019-12265
• https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12265
• - Wind River security notices
• https://support2.windriver.com/index.php?page=security-notices
• - SonicWall PSIRT: SNWLID-2019-0009
• https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009
• - Siemens SSA-632562.pdf
• https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf
• - NetApp Advisory: NTAP-20190802-0001
• https://security.netapp.com/advisory/ntap-20190802-0001/
• - F5 Article: K41190253
• https://support.f5.com/csp/article/K41190253
• - Siemens SSA-189842.pdf
• https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf
• - Siemens SSA-352504.pdf
• https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf