Multiple vulnerabilities in IBM API Connect

1) Input validation error

EUVDB-ID: #VU96493

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43883

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the vhci_urb_enqueue(), vhci_shutdown_connection() and vhci_device_reset() functions in drivers/usb/usbip/vhci_hcd.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper error handling

EUVDB-ID: #VU97814

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46841

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the walk_down_proc() function in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper locking

EUVDB-ID: #VU97808

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46840

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the reada_walk_down(), walk_down_proc(), do_walk_down() and walk_up_proc() functions in fs/btrfs/extent-tree.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper locking

EUVDB-ID: #VU97803

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46829

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the __rt_mutex_slowlock(), rt_mutex_handle_deadlock() and rt_mutex_slowlock() functions in kernel/locking/rtmutex.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource management error

EUVDB-ID: #VU97830

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46817

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the amdgpu_dm_initialize_drm_device() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU97516

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46795

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the smb2_sess_setup() function in fs/ksmbd/smb2pdu.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper authorization

EUVDB-ID: #VU101777

Risk: Medium

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2024-45337

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: Yes

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to improper authorization caused by improper usage of the ServerConfig.PublicKeyCallback callback. A remote attacker can bypass authorization in certain cases and gain access to the application.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

8) Information disclosure

EUVDB-ID: #VU103455

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45336

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the HTTP client will send Authorization header to a third-party domain after a chain of redirects. A remote attacker can gain unauthorized access to credentials.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) SQL injection

EUVDB-ID: #VU111069

Risk: Medium

CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-4533

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

The vulnerability allows a remote privileged user to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote privileged user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) NULL pointer dereference

EUVDB-ID: #VU96529

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43904

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the dcn30_apply_idle_power_optimizations() function in drivers/gpu/drm/amd/display/dc/hwss/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU96113

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43858

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the diSync() and diRead() functions in fs/jfs/jfs_imap.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Off-by-one

EUVDB-ID: #VU97818

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46852

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the cma_heap_vm_fault() function in drivers/dma-buf/heaps/cma_heap.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Improper locking

EUVDB-ID: #VU96147

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43855

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the md_end_flush(), submit_flushes() and md_submit_flush_data() functions in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Input validation error

EUVDB-ID: #VU96200

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43849

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the pdr_locator_new_server(), pdr_locator_del_server() and pdr_get_domain_list() functions in drivers/soc/qcom/pdr_interface.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Resource management error

EUVDB-ID: #VU96187

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43841

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the virt_wifi_inform_bss(), virt_wifi_connect() and virt_wifi_connect_complete() functions in drivers/net/wireless/virt_wifi.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Input validation error

EUVDB-ID: #VU96197

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-43839

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the bnad_tx_msix_register() and bnad_rx_msix_register() functions in drivers/net/ethernet/brocade/bna/bnad.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Improper locking

EUVDB-ID: #VU95561

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-42252

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the closure_put_after_sub() function in lib/closure.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Improper error handling

EUVDB-ID: #VU95022

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41022

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the sdma_v4_0_process_trap_irq() function in drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Input validation error

EUVDB-ID: #VU94842

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41015

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the ocfs2_check_dir_entry(), ocfs2_search_dirblock(), __ocfs2_delete_entry(), __ocfs2_add_entry(), ocfs2_dir_foreach_blk_id(), ocfs2_dir_foreach_blk_el(), ocfs2_find_dir_space_id() and ocfs2_find_dir_space_el() functions in fs/ocfs2/dir.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Improper locking

EUVDB-ID: #VU94277

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39501

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the uevent_show() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU93819

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39479

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the i915_hwmon_register() function in drivers/gpu/drm/i915/i915_hwmon.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Out-of-bounds read

EUVDB-ID: #VU93820

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-39472

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the xlog_do_recovery_pass() function in fs/xfs/xfs_log_recover.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU97781

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46849

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the axg_card_add_tdm_loopback() function in sound/soc/meson/axg-card.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Memory leak

EUVDB-ID: #VU97776

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46854

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the dpaa_start_xmit() function in drivers/net/ethernet/freescale/dpaa/dpaa_eth.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Buffer overflow

EUVDB-ID: #VU93344

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38544

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the rxe_comp_queue_pkt() function in drivers/infiniband/sw/rxe/rxe_comp.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Buffer overflow

EUVDB-ID: #VU106844

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21927

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the nvme_tcp_queue_id() and nvme_tcp_recv_pdu() functions in drivers/nvme/host/tcp.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU108124

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-43859

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Exploit availability: No

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests in h11/_readers.py. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Integer overflow

EUVDB-ID: #VU108745

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-3277,CVE-2025-29087

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow within the concat_ws() function. A remote attacker who can control the separator argument can pass an on overly large string to the application and perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Use-after-free

EUVDB-ID: #VU107155

Risk: High

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2025-31498

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the read_answers() function. A remote attacker can send specially crafted ICMP UNREACHABLE packets to the application, trigger a use-after-free error and execute arbitrary code on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Improper input validation

EUVDB-ID: #VU107522

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-30691

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Compiler component in Oracle Java SE. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Improper Authorization

EUVDB-ID: #VU107481

Risk: Medium

CVSSv4.0: 5.4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:P/U:Green]

CVE-ID: CVE-2025-30215

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: Yes

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists due to the failure to authorize certain Jetstream admin APIs. A remote user can perform certain administrative actions on any JS asset in any other account.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

32) Path traversal

EUVDB-ID: #VU105796

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-27610

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in Rack::Static. A remote attacker can read arbitrary files on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Input validation error

EUVDB-ID: #VU105387

Risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-27516

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to sandbox breakout through attr filter selecting format method. A local user can execute arbitrary code on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Out-of-bounds write

EUVDB-ID: #VU105715

Risk: Critical

CVSSv4.0: 8.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2025-27363

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: Yes

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can pass a specially crafted font to the application that is using an affected version of the library, trigger an out-of-bounds write and execute arbitrary code on the target system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

35) Improper Output Neutralization for Logs

EUVDB-ID: #VU105795

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2025-27111

CWE-ID: CWE-117 - Improper Output Neutralization for Logs

Exploit availability: No

The vulnerability allows a remote attacker to manipulate log entries.

The vulnerability exists due to improper input validation of the X-Sendfile-Type header in Rack::Sendfile when handling. A remote attacker can send specially crafted data containing newline characters via the affected header and manipulate log files.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

EUVDB-ID: #VU104982

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21785

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the populate_cache_leaves() function in arch/arm64/kernel/cacheinfo.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free

EUVDB-ID: #VU97783

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-46858

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the mptcp_pm_del_add_timer() and remove_anno_list_by_saddr() functions in net/mptcp/pm_netlink.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Input validation error

EUVDB-ID: #VU103970

Risk: Critical

CVSSv4.0: 9.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2025-1094

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.

The vulnerability exists due to insufficient validation of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() and within the command line utility programs  when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. A remote attacker can pass specially crafted input to the application and execute arbitrary SQL queries in the database.

Note, the vulnerability is being actively exploited in the wild.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

39) OS Command Injection

EUVDB-ID: #VU99357

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-9287

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation in the venv module when creating a virtual environment. A local user can pass specially crafted strings to the application and execute arbitrary OS commands on the target system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Out-of-bounds write

EUVDB-ID: #VU102090

Risk: High

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2024-53197

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

The vulnerability allows a local user to compromise the affected system.

The vulnerability exists due to an out-of-bounds write error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.

Note, the vulnerability is being actively exploited against Android devices.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

41) Out-of-bounds read

EUVDB-ID: #VU101910

Risk: High

CVSSv4.0: 6.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2024-53150

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the DESC_LENGTH_CHECK(), validate_clock_source() and validate_clock_selector() functions in sound/usb/clock.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

42) NULL pointer dereference

EUVDB-ID: #VU101103

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-53113

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the alloc_pages_bulk_noprof() function in mm/page_alloc.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Predictable Seed in Pseudo-Random Number Generator (PRNG)

EUVDB-ID: #VU101681

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-52616

CWE-ID: CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG)

Exploit availability: No

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to software initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. A remote attacker can predict subsequent transaction IDs and perform DNS spoofing attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Memory leak

EUVDB-ID: #VU100611

Risk: Medium

CVSSv4.0: 6.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]

CVE-ID: CVE-2024-50302

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the hid_alloc_report_buf() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.

Note, the vulnerability is being actively exploited in the wild against Android devices.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

45) Race condition

EUVDB-ID: #VU99125

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-50059

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the switchtec_ntb_remove() function in drivers/ntb/hw/mscc/ntb_hw_switchtec.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Integer overflow

EUVDB-ID: #VU101245

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-47606

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the MP4/MOV demuxer and memory allocator. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Use-after-free

EUVDB-ID: #VU92310

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38581

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the amdgpu_mes_remove_ring() function in drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Use of uninitialized resource

EUVDB-ID: #VU92373

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-38538

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and br_dev_xmit() functions in net/bridge/br_device.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Buffer overflow

EUVDB-ID: #VU88105

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52599

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the diNewExt() function in fs/jfs/jfs_imap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Race condition

EUVDB-ID: #VU91477

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52645

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the scpsys_add_subdomain() and scpsys_remove_one_domain() functions in drivers/soc/mediatek/mtk-pm-domains.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Race condition

EUVDB-ID: #VU91483

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52639

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the gmap_shadow() function in arch/s390/mm/gmap.c, within the acquire_gmap_shadow() function in arch/s390/kvm/vsie.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Improper locking

EUVDB-ID: #VU90796

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52638

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the j1939_jsk_add(), j1939_sk_recv_match(), j1939_sk_recv(), j1939_sk_errqueue() and j1939_sk_netdev_event_netdown() functions in net/can/j1939/socket.c, within the j1939_netdev_start() function in net/can/j1939/main.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) NULL pointer dereference

EUVDB-ID: #VU91240

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52631

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the fs/ntfs3/ntfs_fs.h. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Resource management error

EUVDB-ID: #VU93474

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52617

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the stdev_release(), stdev_create(), switchtec_init_pci() and switchtec_pci_remove() functions in drivers/pci/switch/switchtec.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Buffer overflow

EUVDB-ID: #VU91314

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52612

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the scomp_acomp_comp_decomp() function in crypto/scompress.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Race condition

EUVDB-ID: #VU91484

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52609

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the binder_update_page_range() function in drivers/android/binder_alloc.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Resource management error

EUVDB-ID: #VU92973

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52608

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the shmem_poll_done() function in drivers/firmware/arm_scmi/shmem.c, within the rx_callback() function in drivers/firmware/arm_scmi/mailbox.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) NULL pointer dereference

EUVDB-ID: #VU90841

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52607

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the pgtable_cache_add() function in arch/powerpc/mm/init-common.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Use-after-free

EUVDB-ID: #VU88104

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52600

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in fs/jfs/jfs_mount.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Security features bypass

EUVDB-ID: #VU92172

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52597

CWE-ID: CWE-254 - Security Features

Exploit availability: No

The vulnerability allows a local privileged user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. A local privileged can trigger resource exhaustion and perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Reachable Assertion

EUVDB-ID: #VU90905

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52759

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to reachable assertion within the qd_check_sync() function in fs/gfs2/quota.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Improper locking

EUVDB-ID: #VU91541

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52587

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ipoib_mcast_join() function in drivers/infiniband/ulp/ipoib/ipoib_multicast.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Inadequate encryption strength

EUVDB-ID: #VU84537

Risk: Low

CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-48795

CWE-ID: CWE-326 - Inadequate Encryption Strength

Exploit availability: Yes

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to incorrect implementation of the SSH Binary Packet Protocol (BPP), which mishandles the handshake phase and the use of sequence numbers. A remote attacker can perform MitM attack and delete the SSH2_MSG_EXT_INFO message sent before authentication starts, allowing the attacker to disable a subset of the keystroke timing obfuscation features introduced in OpenSSH 9.5.

The vulnerability was dubbed "Terrapin attack" and it affects both client and server implementations.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

64) Use-after-free

EUVDB-ID: #VU80506

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-4752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a use-after-free error within the ins_compl_get_exp() function in insexpand.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Incorrect authorization

EUVDB-ID: #VU111068

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-47090

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to authentication bypass. A remote user in an authorization block can sometimes be used for unauthenticated access, even when the intention of the configuration was for each user to have an account

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Use of Hard-coded Cryptographic Key

EUVDB-ID: #VU82552

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-46129

CWE-ID: CWE-321 - Use of Hard-coded Cryptographic Key

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the usage of a hard-coded cryptograhic key. A remote attacker can gain unauthorized access to sensitive information on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Memory leak

EUVDB-ID: #VU104262

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49376

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the sd_probe() function in drivers/scsi/sd.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Input validation error

EUVDB-ID: #VU104932

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49180

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the selinux_fs_context_parse_param() function in security/selinux/hooks.c, within the security_fs_context_dup() function in security/security.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Memory leak

EUVDB-ID: #VU89997

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48650

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the __qlt_24xx_handle_abts() function in drivers/scsi/qla2xxx/qla_target.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Out-of-bounds write

EUVDB-ID: #VU19178

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2019-12900

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Memory leak

EUVDB-ID: #VU89988

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52670

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the virtio_rpmsg_release_device() function in drivers/rpmsg/virtio_rpmsg_bus.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Improper locking

EUVDB-ID: #VU91504

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52774

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the dasd_profile_start() function in drivers/s390/block/dasd.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Use-after-free

EUVDB-ID: #VU91597

Risk: Critical

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2024-36971

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to a use-after-free error within the xfrm_link_failure() function in net/xfrm/xfrm_policy.c, within the dst_entry ip6_dst_check() and ip6_dst_check() functions in net/ipv6/route.c, within the dst_entry ipv4_dst_check() and ip_do_redirect() functions in net/ipv4/route.c. A remote attacker can send specially crafted packets to the system and execute arbitrary code.

Note, the vulnerability is being actively exploited in the wild.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

74) Resource management error

EUVDB-ID: #VU93206

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26707

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the send_hsr_supervision_frame() and send_prp_supervision_frame() functions in net/hsr/hsr_device.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Out-of-bounds read

EUVDB-ID: #VU90819

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36960

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vmw_event_fence_action_create() function in drivers/gpu/drm/vmwgfx/vmwgfx_fence.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Use-after-free

EUVDB-ID: #VU90047

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36904

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcp_twsk_unique() function in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Out-of-bounds read

EUVDB-ID: #VU93022

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-36477

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the tpm_tis_spi_write_bytes() function in drivers/char/tpm/tpm_tis_spi_main.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) NULL pointer dereference

EUVDB-ID: #VU90542

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35940

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the psz_kmsg_read() function in fs/pstore/zone.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Use-after-free

EUVDB-ID: #VU90180

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27052

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the rtl8xxxu_stop() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) NULL pointer dereference

EUVDB-ID: #VU90555

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27028

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mtk_spi_interrupt() function in drivers/spi/spi-mt65xx.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Input validation error

EUVDB-ID: #VU90857

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26982

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the squashfs_new_inode() function in fs/squashfs/inode.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Memory leak

EUVDB-ID: #VU93765

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26825

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nci_free_device() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Race condition

EUVDB-ID: #VU88938

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26737

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition between the bpf_timer_cancel_and_free and bpf_timer_cancel calls in kernel/bpf/helpers.c. A local user can exploit the race and escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) Out-of-bounds read

EUVDB-ID: #VU91100

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26702

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the rm3100_common_probe() function in drivers/iio/magnetometer/rm3100-core.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) NULL pointer dereference

EUVDB-ID: #VU90448

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52844

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the vidtv_psi_service_desc_init() and kstrdup() functions in drivers/media/test-drivers/vidtv/vidtv_psi.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Information disclosure

EUVDB-ID: #VU91365

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26697

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: No

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the nilfs_prepare_segment_for_recovery(), nilfs_recovery_copy_block() and nilfs_recover_dsync_blocks() functions in fs/nilfs2/recovery.c. A local user can gain access to sensitive information.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

87) Improper locking

EUVDB-ID: #VU90795

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26696

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the nilfs_page_mkwrite() function in fs/nilfs2/file.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

88) Integer overflow

EUVDB-ID: #VU91180

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-26668

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the nft_limit_eval() and nft_limit_init() functions in net/netfilter/nft_limit.c. A local user can execute arbitrary code.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

89) Improper authentication

EUVDB-ID: #VU103771

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-12797

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error when using RFC7250 Raw Public Keys (RPKs) to authenticate a server. TLS and DTLS connections using raw public keys are vulnerable to man-in-middle attacks when server authentication failure is not detected by clients.

Note, the vulnerability can be exploited only when TLS clients explicitly enable RPK use by the server, and the server, likewise, enables sending of an RPK instead of an X.509 certificate chain.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

90) Use of Uninitialized Variable

EUVDB-ID: #VU102730

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-12085

CWE-ID: CWE-457 - Use of Uninitialized Variable

Exploit availability: No

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to information leak when comparing file checksums. A remote attacker can pass specially crafted data to the daemon and read 1 byte of uninitialized memory from stack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

91) Resource exhaustion

EUVDB-ID: #VU103436

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-11187

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when handling DNS zones with numerous records in the Additional section. A remote attacker can trigger resource exhaustion by sending multiple queries to he affected server and perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

92) Input validation error

EUVDB-ID: #VU100516

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-11168

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

The vulnerability allows a remote attacker to bypass security restrictions.

The vulnerability exists due to insufficient validation of bracketed hosts (e.g. []) within the urllib.parse.urlsplit() and urlparse() functions allowing hosts that weren't IPv6 or IPvFuture. A remote attacker can pass specially crafted IP address to the application to bypass implemented IP-based security checks or perform SSRF attacks.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

93) Use-after-free

EUVDB-ID: #VU106161

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53025

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the fs/nfsd/nfs4proc.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

94) Use-after-free

EUVDB-ID: #VU106163

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-53021

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the taprio_reset() and taprio_destroy() functions in net/sched/sch_taprio.c. A local user can escalate privileges on the system.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

95) NULL pointer dereference

EUVDB-ID: #VU90433

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-52858

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mtk_topckgen_init(), mtk_infrasys_init() and mtk_pericfg_init() functions in drivers/clk/mediatek/clk-mt7629.c. A local user can perform a denial of service (DoS) attack.

Install update from vendor's website.

IBM API Connect: 10.0.5.0 - 10.0.8.2 ifix2

• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.5.2:*:*:*:*:*:*:*

https://www.ibm.com/support/pages/node/7236295

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.