Multiple vulnerabilities in IBM Cloud Pak System

1) Out-of-bounds write

EUVDB-ID: #VU87132

Risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-22254

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when processing untrusted input. A local user with privileges within the VMX process can trigger an out-of-bounds write and escape sandbox restrictions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: before 2.3.4.1

CPE2.3

• cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:*:*:*:*:*:*:*:*

External links

https://www.ibm.com/support/pages/node/7173469

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU96785

Risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-22273

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error within the storage controllers functionality. An attacker with access to a virtual machine with storage controllers enabled can trigger an out-of-bounds write and execute arbitrary code on the hypervisor from a virtual machine.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: before 2.3.4.1

CPE2.3

• cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:*:*:*:*:*:*:*:*

External links

https://www.ibm.com/support/pages/node/7173469

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU93318

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-37086

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a malicious user on the guest OS to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition. An attacker with access to the guest OS can trigger an out-of-bounds read and crash the host OS.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: before 2.3.4.1

CPE2.3

• cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:*:*:*:*:*:*:*:*

External links

https://www.ibm.com/support/pages/node/7173469

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.