CVSS3 Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | NONE |
Integrity Impact | HIGH |
Availability Impact | HIGH |

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

AI Score confidence: High
IBM Security Guardium has addressed these vulnerabilities in an update.
**CVEID:** CVE-2024-0443 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a flaw in the blkgs destruction path in block/blk-cgroup.c. A local authenticated attacker could exploit this vulnerability to cause system instability. **CWE:** CWE-402: Transmission of Private Resources into a New Sphere (‘Resource Leak’) **CVSS Source:** IBM X-Force **CVSS Base score:** 5.5 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2023-52628 **DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by stack-based buffer overflow in the nft_exthdr_sctp_eval, nft_exthdr_tcp_eval and nft_exthdr_ipv6_eval functions. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition. **CWE:** CWE-121: Stack-based Buffer Overflow **CVSS Source:** IBM X-Force **CVSS Base score:** 7.3 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L)
**CVEID:** CVE-2024-26598 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in LPI translation cache. A local attacker could exploit this vulnerability to cause a denial of service. **CWE:** CWE-416: Use After Free **CVSS Source:** IBM X-Force **CVSS Base score:** 6.2 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2024-26585 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a race condition when submitting thread in the tls subsystem. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. **CWE:** CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’) **CVSS Source:** IBM X-Force **CVSS Base score:** 5.1 **CVSS Vector:** (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2024-35960 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by incorrectly referencing a just-added rule in the same flow handle. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. **CWE:** CWE-1287: Improper Validation of Specified Type of Input **CVSS Source:** IBM X-Force **CVSS Base score:** 5.5 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2023-52439 **DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free memory flaw in the uio_open function. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause the system to crash. **CWE:** CWE-416: Use After Free **CVSS Source:** IBM X-Force **CVSS Base score:** 7 **CVSS Vector:** (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
**CVEID:** CVE-2024-25744 **DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to bypass security restrictions, caused by a flaw in arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c. By sending a specially crafted request, an attacker could exploit this vulnerability to trigger int80 syscall handling at any given point. **CWE:** CWE-287: Improper Authentication **CVSS Source:** IBM X-Force **CVSS Base score:** 7.8 **CVSS Vector:** (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
**CVEID:** CVE-2024-26808 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error related to handling NETDEV_UNREGISTER for inet/ingress basechain. A local authenticated attacker could exploit this vulnerability to cause a denial of service. **CWE:** CWE-20: Improper Input Validation **CVSS Source:** IBM X-Force **CVSS Base score:** 5.5 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2024-26993 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a reference leak in sysfs_break_active_protection(). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. **CWE:** CWE-20: Improper Input Validation **CVSS Source:** IBM X-Force **CVSS Base score:** 5.5 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2023-52450 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference issue in upi_fill_topology(). A local attacker could exploit this vulnerability to cause a denial of service. **CWE:** CWE-476: NULL Pointer Dereference **CVSS Source:** IBM X-Force **CVSS Base score:** 6.2 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2023-5090 **DESCRIPTION:** KVM is vulnerable to a denial of service, caused by an improper check in svm_set_x2apic_msr_interception(). A local authenticated attacker could exploit this vulnerability to gain direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service. **CWE:** CWE-755: Improper Handling of Exceptional Conditions **CVSS Source:** IBM X-Force **CVSS Base score:** 5.5 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2024-0565 **DESCRIPTION:** Linux Kernel could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an out-of-bounds memory read due to an integer underflow on the memcpy length. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. **CWE:** CWE-191: Integer Underflow (Wrap or Wraparound) **CVSS Source:** CVE.org **CVSS Base score:** 6.8 **CVSS Vector:** (CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)
**CVEID:** CVE-2024-27397 **DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the netfilter subsystem. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause the system to crash. **CWE:** CWE-416: Use After Free **CVSS Source:** IBM X-Force **CVSS Base score:** 7 **CVSS Vector:** (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
**CVEID:** CVE-2024-35958 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an incorrect descriptor free behavior. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. **CWE:** CWE-1287: Improper Validation of Specified Type of Input **CVSS Source:** IBM X-Force **CVSS Base score:** 5.5 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2023-52458 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error related to block: add check that partition length needs to be aligned with block size. A local attacker could exploit this vulnerability to cause a denial of service. **CWE:** CWE-20: Improper Input Validation **CVSS Source:** IBM X-Force **CVSS Base score:** 6.2 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2024-28835 **DESCRIPTION:** GnuTLS is vulnerable to a denial of service, caused by a flaw during chain building/verification. By using a specially crafted .pem bundle using the “certtool --verify-chain” command, a remote attacker could exploit this vulnerability to cause the application to crash. **CWE:** CWE-248: Uncaught Exception **CVSS Source:** IBM X-Force **CVSS Base score:** 5 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2024-26601 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by an error related to regenerate buddy after block freeing failed if under fc replay. A local attacker could exploit this vulnerability to cause a denial of service. **CWE:** CWE-20: Improper Input Validation **CVSS Source:** IBM X-Force **CVSS Base score:** 6.2 **CVSS Vector:** (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2024-26735 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a use-after-free and NULL pointer dereference. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. **CWE:** CWE-476: NULL Pointer Dereference **CVSS Source:** IBM X-Force **CVSS Base score:** 5.5 **CVSS Vector:** (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** CVE-2023-45862 **DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a flaw in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver. By using a specially crafted USB device, a physical attacker could exploit this vulnerability to cause a denial of service condition. **CWE:** CWE-770: Allocation of Resources Without Limits or Throttling **CVSS Source:** IBM X-Force **CVSS Base score:** 4.6 **CVSS Vector:** (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Security Guardium | 12.0 |
IBM strongly encourages customers to update their systems promptly.
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | security_guardium | 12.0 | cpe:2.3:a:ibm:security_guardium:12.0:*:*:*:*:*:*:* |