SB2023012604 - Multiple vulnerabilities in IBM Spectrum Copy Data Management

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023012604

SB2023012604 - Multiple vulnerabilities in IBM Spectrum Copy Data Management

Published: January 26, 2023 Updated: June 26, 2024

Security Bulletin ID SB2023012604
Severity
Medium
Patch available
YES
Number of vulnerabilities 15
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 7% Low 93%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 15 secuirty vulnerabilities.


1) Use-after-free (CVE-ID: CVE-2022-2586)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the the netfilter subsystem implementation in Linux kernel when preventing one nft object from referencing an nft set in another nft table. A local user can trigger a use-after-free error and execute arbitrary code on the system with elevated privileges.


2) Integer underflow (CVE-ID: CVE-2022-2639)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to integer underflow within the reserve_sfa_size() function in the openvswitch kernel module in Linux kernel. A local user can trigger an out-of-bounds read error and crash the system or escalate privileges.



3) Buffer overflow (CVE-ID: CVE-2022-2078)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_set_desc_concat_parse() function in Linux kernel. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.



4) Memory leak (CVE-ID: CVE-2022-0854)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due memory leak in the Linux kernel’s DMA subsystem when processing DMA_FROM_DEVICE calls. A local user can trigger a memory leak error and read random memory from the kernel space.


5) Use-after-free (CVE-ID: CVE-2022-1016)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in net/netfilter/nf_tables_core.c:nft_do_chain in Linux kernel.. A local user can trigger a use-after-free error and gain access to sensitive information.


6) Double Free (CVE-ID: CVE-2022-28390)

The vulnerability allows a local user to execute arbitrary code with elevated privileges.

The vulnerability exists due to boundary error in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c. A local user can pass specially crafted data to the application, trigger double free error and execute arbitrary code with elevated privileges.


7) NULL pointer dereference (CVE-ID: CVE-2020-36558)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel before 5.5.7 involving a VT_RESIZEX. A local user can perform a denial of service (DoS) attack.


8) Use-after-free (CVE-ID: CVE-2022-1184)

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a use-after-free error in fs/ext4/namei.c:dx_insert_block() function in the Linux kernel’s filesystem sub-component.. A local user can trigger use-after-free and perform a denial of service attack.


9) Use-after-free (CVE-ID: CVE-2022-1055)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tc_new_tfilter in Linux kernel. A local user can run a specially crafted program to trigger a use-after-free error and execute arbitrary code with elevated privileges.


10) Input validation error (CVE-ID: CVE-2022-36946)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the nfqnl_mangle() function in net/netfilter/nfnetlink_queue.c in the Linux kernel when processing IPv6 packets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.


11) Input validation error (CVE-ID: CVE-2022-41716)

The vulnerability allows a local user to execute arbitrary OS commands on the system.

The vulnerability exists due to insecure processing of unsanitized NUL values in syscall.StartProcess and os/exec.Cmd. A local user on the Windows operating system can set a specially crafted environment variable and execute arbitrary OS commands on the system.


12) Use-after-free (CVE-ID: CVE-2022-28893)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the SUNRPC subsystem in the Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


13) Improper update of reference count (CVE-ID: CVE-2022-29581)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper update of reference count in net/sched in Linux kernel. A local user can execute arbitrary code with root privileges.


14) Use-after-free (CVE-ID: CVE-2022-2938)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in Linux kernel implementation of Pressure Stall Information. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


15) Use-after-free (CVE-ID: CVE-2021-3640)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in sco_sock_sendmsg() function of the Linux kernel HCI subsystem. A privileged local user can call ioct UFFDIO_REGISTER or other way trigger race condition to escalate privileges on the system.


Remediation

Install update from vendor's website.

References