SB2024121316 - Multiple vulnerabilities in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data

Description

This security bulletin contains information about 7 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2022-3857)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the png_setup_paeth_row() function in pngwutil.c. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

2) Improper input validation (CVE-ID: CVE-2023-36632)

The vulnerability allows a remote authenticated user to perform service disruption.

The vulnerability exists due to improper input validation within the RDBMS (Python) in Oracle Database Server. A remote authenticated user can exploit this vulnerability to perform service disruption.

3) Resource management error (CVE-ID: CVE-2023-6237)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the way the EVP_PKEY_public_check() function handles RSA public keys. A remote attacker can supply an RSA key obtained from an untrusted source and perform a denial of service (DoS) attack.

4) Resource management error (CVE-ID: CVE-2024-1737)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when handling a very large number of RRs. Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.

5) Resource exhaustion (CVE-ID: CVE-2024-1975)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.

6) Insufficient verification of data authenticity (CVE-ID: CVE-2024-34397)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to missing authorization for D-Bus signals. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service.

7) Buffer Underwrite ('Buffer Underflow') (CVE-ID: CVE-2024-45490)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary error in xmlparse.c when handling negative length for XML_ParseBuffer. A remote attacker can pass specially crafted input to the application, trigger buffer underflow and execute arbitrary code on the system.

Remediation

Install update from vendor's website.

References

• https://www.ibm.com/support/pages/node/7178712