SB2024011507 - Multiple vulnerabilities in IBM Spectrum Copy Data Management

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024011507

SB2024011507 - Multiple vulnerabilities in IBM Spectrum Copy Data Management

Published: January 15, 2024 Updated: February 27, 2024

Security Bulletin ID SB2024011507
Severity
Low
Patch available
YES
Number of vulnerabilities 13
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 13 secuirty vulnerabilities.


1) Out-of-bounds write (CVE-ID: CVE-2023-3812)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the TUN/TAP device driver in Linux kernel. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.


2) Use-after-free (CVE-ID: CVE-2023-4208)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the cls_u32 component in Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


3) Race condition (CVE-ID: CVE-2023-35823)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the saa7134_finidev() function in drivers/media/pci/saa7134/saa7134-core.c. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.


4) Use-after-free (CVE-ID: CVE-2023-4207)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the cls_fw component in Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


5) Use-after-free (CVE-ID: CVE-2023-4206)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the cls_route component in Linux kernel packet scheduler. A local user can trigger a use-after-free error and execute arbitrary code on the system.


6) Out-of-bounds write (CVE-ID: CVE-2023-3611)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the qfq_change_agg() function in net/sched/sch_qfq.c within the Linux kernel net/sched: sch_qfq component. A local user trigger an out-of-bounds write and execute arbitrary code on the target system.


7) Use-after-free (CVE-ID: CVE-2023-35824)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dm1105_remove() function in drivers/media/pci/dm1105/dm1105.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


8) Double Free (CVE-ID: CVE-2022-28388)

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to boundary error in the usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c. A local user can pass specially crafted data to the application, trigger double free error and execute arbitrary code with elevated privileges.


9) Use-after-free (CVE-ID: CVE-2023-4128)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


10) Use-after-free (CVE-ID: CVE-2023-5178)

The vulnerability allows a local authenticated user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the drivers/nvme/target/tcp.c in nvmet_tcp_free_crypto due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. A local authenticated user can trigger a use-after-free error and escalate privileges on the system.


11) Use-after-free (CVE-ID: CVE-2023-1989)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btsdio_remove() function in driversluetoothtsdio.c. A local user can trigger a use-after-free error and escalate privileges on the system.


12) Input validation error (CVE-ID: CVE-2023-30456)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of consistency for for CR0 and CR4 in arch/x86/kvm/vmx/nested.c in the Linux kernel. A local user can execute arbitrary code with elevated privileges.


13) Out-of-bounds read (CVE-ID: CVE-2023-3268)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the relay_file_read_start_pos() function in kernel/relay.c in the relayfs. A local user can trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.


Remediation

Install update from vendor's website.

References