SB2025020721 - Multiple vulnerabilities in IBM Flex System Chassis Management Module (CMM)
Published: February 7, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 8 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2019-9641)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
2) Out-of-bounds read (CVE-ID: CVE-2019-9020)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the xml_elem_parse_buf() in ext/xmlrpc/libxmlrpc/xml_element.c when reading XML data via the xmlrpc_decode() PHP function. A remote attacker can create a specially crafted XML file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
3) Out-of-bounds read (CVE-ID: CVE-2019-9640)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in exif_process_SOFn within the PHP EXIF component. A remote attacker can create a specially crafted image file, pass it to the affected application, trigger out-of-bounds read error and read contents of memory on the system.
4) Out-of-bounds read (CVE-ID: CVE-2019-9639)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the EXIF component in exif_process_IFD_in_MAKERNOTE when handling the data_len variable. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
5) Out-of-bounds read (CVE-ID: CVE-2019-9638)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the EXIF component within exif_process_IFD_in_MAKERNOTE when converting maker_note->offset relationship to value_len. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
6) Race condition (CVE-ID: CVE-2019-9637)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition when renaming files on the system, as the rename() PHP function temporary creates files with weak privileges. A local user can exploit this behavior to gain access to sensitive information.
7) Out-of-bounds read (CVE-ID: CVE-2019-9024)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the base64_decode_xmlrpc() function in ext/xmlrpc/libxmlrpc/base64.c when parsing untrusted input via the xmlrpc_decode() PHP function. A remote attacker can setup a malicious XMLRPC server, trick the application into connecting to it, trigger out-of-bounds read error and read contents of memory on the system.
8) Out-of-bounds read (CVE-ID: CVE-2019-9023)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a multiple boundary condition within the ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c files when parsing multibyte data in regular expressions. A remote attacker can pass specially crafted input to the application, trigger out-of-bounds read error and read contents of memory on the system.
Remediation
Install update from vendor's website.