SB2025051251 - RSA Authentication Manager update for third-party components
Published: May 12, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 23 secuirty vulnerabilities.
1) Heap-based buffer overflow (CVE-ID: CVE-2018-6913)
The vulnerability allows a local attacker to cause DoS condition or execute arbitrary code on the target system.The weakness exists due to heap-based buffer overflow. A local attacker can exploit a specially crafted pack() function, trigger memory corruption and cause the service to crash or run Perl code.
Successful exploitation of the vulnerability may result in system compromise.
2) Improper input validation (CVE-ID: CVE-2024-21138)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
3) Improper input validation (CVE-ID: CVE-2024-21131)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
4) Improper input validation (CVE-ID: CVE-2024-21140)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
5) Improper input validation (CVE-ID: CVE-2024-21147)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
6) Improper input validation (CVE-ID: CVE-2024-21183)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
7) Improper input validation (CVE-ID: CVE-2024-21182)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
8) Improper input validation (CVE-ID: CVE-2024-21175)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
9) Improper input validation (CVE-ID: CVE-2024-21181)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.
10) Heap-based buffer over-read (CVE-ID: CVE-2018-6798)
The vulnerability allows a local attacker to obtain potentially sensitive information or execute arbitrary code on the target system.The weakness exists due to heap-based buffer over-read. A local attacker can exploit a specially crafted locale dependent regular expression, trigger memory corruption and gain access to potentially sensitive information or run Perl code.
Successful exploitation of the vulnerability may result in system compromise.
11) Use-after-free (CVE-ID: CVE-2024-25062)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in xmlValidatePopElement when using the XML Reader interface with DTD validation and XInclude expansion enabled. A remote attacker can pass a specially crafted XML document to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
12) Spoofing attack (CVE-ID: CVE-2023-52881)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
13) Use-after-free (CVE-ID: CVE-2024-4741)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the SSL_free_buffers() function. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
Note, the vulnerability affects only applications that call the vulnerable function.
14) Resource exhaustion (CVE-ID: CVE-2023-45288)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single HTTP/2 stream. A remote attacker can send specially crafted HTTP/2 requests to the server and perform a denial of service (DoS) attack.15) Out-of-bounds read (CVE-ID: CVE-2024-37371)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling GSS message token. A remote attacker can send specially crafted token to the application, trigger an out-of-bounds read error and read contents of memory on the system.
16) Input validation error (CVE-ID: CVE-2024-37370)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
17) Resource management error (CVE-ID: CVE-2024-26614)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.
18) Use-after-free (CVE-ID: CVE-2023-1192)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_is_status_io_timeout() function in Linux kernel. A local user can set environment variable to a specific value, trigger a use-after-free error and execute arbitrary code with elevated privileges.
19) Input validation error (CVE-ID: CVE-2021-47001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the rpcrdma_xprt_connect() and rpcrdma_post_sends() functions in net/sunrpc/xprtrdma/verbs.c, within the rpcrdma_reply_handler() function in net/sunrpc/xprtrdma/rpc_rdma.c. A local user can perform a denial of service (DoS) attack.
20) Out-of-bounds read (CVE-ID: CVE-2021-46955)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the ovs_fragment() function in net/openvswitch/actions.c when running openvswitch on kernels built with KASAN. A remote attacker can send specially crafted IPv4 packets to the system, trigger an out-of-bounds read error and read contents of memory on the system or crash the kernel.
21) Integer underflow (CVE-ID: CVE-2024-26828)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.
22) Use-after-free (CVE-ID: CVE-2023-47233)
The vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcm80211 in a brcmf_cfg80211_detach in the device unplugging (disconnect the USB by hotplug) code. An attacker with physical access to device can trigger a use-after-free error and escalate privileges on the system.
23) Information disclosure (CVE-ID: CVE-2022-20132)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in the USB HID component in Linux Kernel. A local user can trigger the vulnerability to gain access to potentially sensitive information.
Remediation
Install update from vendor's website.