SB2026022716 - Multiple vulnerabilities in IBM QRadar SIEM

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026022716

SB2026022716 - Multiple vulnerabilities in IBM QRadar SIEM

Published: February 27, 2026

Security Bulletin ID SB2026022716
Severity
Critical
Patch available
YES
Number of vulnerabilities 11
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 9% High 9% Medium 18% Low 64%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.


1) Stack-based buffer overflow (CVE-ID: CVE-2025-68615)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the SnmpTrapd service. A remote unauthenticated attacker can send specially crafted input to port 162/UDP, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Integer overflow (CVE-ID: CVE-2025-13601)

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to integer overflow within the g_escape_uri_string() function. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and perform a denial of service attack. 


3) Out-of-bounds write (CVE-ID: CVE-2025-9230)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when trying to decrypt CMS messages encrypted using password based encryption. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of the vulnerability requires that password based (PWRI) encryption support in CMS messages is enabled. 


4) Use-after-free (CVE-ID: CVE-2023-53673)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hci_cs_disconnect() function in net/bluetooth/hci_event.c. A local user can escalate privileges on the system.


5) Out-of-bounds read (CVE-ID: CVE-2025-40154)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the log_quirks() function in sound/soc/intel/boards/bytcr_rt5640.c. A local user can perform a denial of service (DoS) attack.


6) Use-after-free (CVE-ID: CVE-2025-40248)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the vsock_connect() function in net/vmw_vsock/af_vsock.c. A local user can escalate privileges on the system.


7) Out-of-bounds read (CVE-ID: CVE-2025-40277)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vmw_cmd_check() function in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c. A local user can perform a denial of service (DoS) attack.


8) Out-of-bounds write (CVE-ID: CVE-2025-68973)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error within the armor_filter() function in g10/armor.c. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.


9) Use-after-free (CVE-ID: CVE-2025-39993)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the display_open(), send_packet(), vfd_write(), lcd_write() and imon_disconnect() functions in drivers/media/rc/imon.c. A local user can escalate privileges on the system.


10) NULL pointer dereference (CVE-ID: CVE-2025-40240)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the sctp_inq_pop() function in net/sctp/inqueue.c. A local user can perform a denial of service (DoS) attack.


11) Use-after-free (CVE-ID: CVE-2025-68285)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the monmap_show() and osdmap_show() functions in net/ceph/debugfs.c. A local user can escalate privileges on the system.


Remediation

Install update from vendor's website.

References