Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Vim-minimal Package Issues

Summary

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Vim-minimal Package Issues. This package has been removed from the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below.

Vulnerability Details

CVEID:CVE-2020-20703
**DESCRIPTION:**Vimis vulnerable to a buffer overflow, caused by improper bounds checking. By sending specially crafted operand parameter, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/259011 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-3903
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By sending a specially-crafted input, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/212524 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-3927
**DESCRIPTION:**vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when processing files. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code in the context of the current process.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/212969 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-3928
**DESCRIPTION:**vim is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing files. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code in the context of the current process.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/212968 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-3968
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by a user-after-free flaw in the ml_append_int component. By sending a specially-crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/213779 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-3973
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/213778 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H)

CVEID:CVE-2021-3974
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a use-after-free flaw. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/213777 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H)

CVEID:CVE-2021-4136
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/215860 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L)

CVEID:CVE-2021-4166
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/216127 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H)

CVEID:CVE-2021-4173
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a use after free vulnerability. By persuading a victim to open a specially-crafted file, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/216124 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H)

CVEID:CVE-2021-4187
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a use-after-free flaw. By persuading a victim to open a specially-crafted file, a remote authenticated attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/216467 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H)

CVEID:CVE-2022-0213
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/217342 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H)

CVEID:CVE-2022-0351
**DESCRIPTION:**Vim could allow a local attacker to execute arbitrary code on the system, caused by access of a memory location before start of a buffer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/218102 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-0413
**DESCRIPTION:**Vim could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free in the skipwhite function. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/218421 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-1616
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by append_command. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225981 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H)

CVEID:CVE-2022-1619
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the cmdline_erase_chars function in ex_getln.c:1085. By opening a specially-crafted file, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225980 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H)

CVEID:CVE-2022-1620
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a NULL pointer dereference in the vim_regexec_string function in regexp.c:2729. By opening a specially-crafted file, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 6.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225978 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)

CVEID:CVE-2022-1674
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a NULL pointer dereference in the vim_regexec_string function in regexp.c. By opening a specially-crafted file, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 6.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/226481 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)

CVEID:CVE-2022-1720
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a buffer over-read in the grab_file_name function in findfile.c when parsing DAT files. By persuading a victim to open a specially-crafted DAT file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/226743 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-1725
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a NULL pointer dereference in the vim_regexec_string function when parsing DAT files. By persuading a victim to open a specially-crafted DAT file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/226739 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-2042
**DESCRIPTION:**Vim could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use after free flaw in skipwhite. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/228552 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L)

CVEID:CVE-2022-2124
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by a buffer over-read in the current_quote function in textobject.c:1801. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229307 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2125
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the get_lisp_indent function in indent.c:1994. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229306 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2126
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the suggest_trie_walk function in spellsuggest.c:1437. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229305 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2129
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in the vim_regsub_both function in regexp.c:1973. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229303 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2175
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by a buffer over-read in the put_on_cmdline function in ex_getln.c:3540. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229630 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2182
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the utf_ptr2char function in mbyte.c:1794. By opening a specially-crafted file, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229629 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2183
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the get_lisp_indent function in indent.c:2083. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229628 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2206
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the function msg_outtrans_attr. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229793 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2207
**DESCRIPTION:**Vim is vulnerable a heap-based buffer overflow, caused by improper bounds checking in function ins_bs. By persuading a victim to open a specially crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229792 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2208
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a NULL pointer dereference in function diff_check in vim/vim. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229791 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-2210
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds in function ml_append_int. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229790 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2257
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the msg_outtrans_special function in message.c:1716. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230281 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2284
**DESCRIPTION:**Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the utfc_ptr2len function in mbyte.c:2113. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230452 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

Affected Products and Versions

Remediation/Fixes

Product(s)|**Version(s)
**|Remediation/Fix/Instructions
—|—|—
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| 5.0.1| The fix in 5.0.1 applies to all versions listed (4.0.0-5.0.0). Version 5.0.1 can be downloaded and installed from: <https://www.ibm.com/docs/en/cloud-paks/cp-data&gt;

Workarounds and Mitigations

None