Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary

Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps

Vulnerability Details

CVEID:CVE-2022-42004
**DESCRIPTION:**FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the BeanDeserializer._deserializeFromArray function. By sending a specially-crafted request using deeply nested arrays, a local attacker could exploit this vulnerability to exhaust all available resources.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237660 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-42003
**DESCRIPTION:**FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. By sending a specially-crafted request using deep wrapper array nesting, a local attacker could exploit this vulnerability to exhaust all available resources.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237662 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-25647
**DESCRIPTION:**Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the writeReplace() method, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/217225 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H)

CVEID:CVE-2022-29153
**DESCRIPTION:**HashiCorp Consul and HashiCorp Consul Enterprise is vulnerable to server-side request forgery, caused by returning an HTTP redirect in the HTTP health check endpoints. By using a specially-crafted argument, an attacker could exploit this vulnerability to conduct an SSRF attack, allowing the attacker to access or manipulate resources from the perspective of the affected server.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/224817 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2022-24823
**DESCRIPTION:**Netty could allow a local authenticated attacker to obtain sensitive information, caused by a flaw when temporary storing uploads on the disk is enabled. By gaining access to the local system temporary directory, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225922 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2022-45688
**DESCRIPTION:**Hutool is vulnerable to a denial of service, caused by stack-based buffer overflow. By persuading a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/242881 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-3064
**DESCRIPTION:**Go-Yaml package is vulnerable to a denial of service, caused by an unbounded alias chasing flaw. By using a specially-crafted YAML file, a remote attacker could exploit this vulnerability to consume significant CPU or memory resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/243452 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2021-4235
**DESCRIPTION:**Go-Yaml Yaml Go package is vulnerable to a denial of service, caused by an unbounded alias chasing flaw. By using a specially-crafted YAML file, a remote authenticated attacker could exploit this vulnerability to consume significant system resources, and results in a denial of service condition.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/243312 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-28370
**DESCRIPTION:**Tornado could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites.
CVSS Base score: 3.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/255985 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N)

CVEID:CVE-2019-10768
**DESCRIPTION:**AngularJS could allow a remote attacker to bypass security restrictions, caused by a prototype pollution flaw in the merge function. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to add or modify properties of Object.prototype.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172185 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2021-32574
**DESCRIPTION:**HashiCorp Consul and Consul Enterprise could allow a remote attacker to bypass security restrictions, caused by improper validation of the destination service identity in the encoded subject alternative name in the Envoy proxy TLS configuration. By sending a specially-crafted request, an attacker could exploit this vulnerability to allow one service to potentially masquerade as another.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/205710 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2021-36213
**DESCRIPTION:**HashiCorp Consul and Consul Enterprise could allow a remote attacker to bypass security restrictions, caused by a flaw when using default_policy = “deny” with a single L7 application-aware. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause the intention deny action to cancel out, and results in an incorrectly fail open to allow L4 traffic.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/205712 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2023-22946
**DESCRIPTION:**Apache Spark could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw when using spark-submit. By providing specially crafted configuration-related classes on the classpath, an authenticated attacker could exploit this vulnerability to execute arbitrary code with the privileges of the submitting user…
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/252824 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-40899
**DESCRIPTION:**Python Charmers Future is vulnerable to a denial of service, caused by improper input validation. By sending crafted Set-Cookie header from malicious web server, an remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/243065 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-25265
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw with certain binary files have the exec-all attribute with gcc. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/219788 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2023-30601
**DESCRIPTION:**Apache Cassandra could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the FQL/Audit logs implementation. By executing a specially crafted nodetool archive command, an attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/256502 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-26341
**DESCRIPTION:**Xen and multiple AMD CPUs could allow a local authenticated attacker to obtain sensitive information, caused by the use of speculative execution past unconditional changes in control flow. An attacker could exploit this vulnerability using a side-channel analysis, aka “straight-line speculation” to obtain sensitive information.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/221224 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2021-33655
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by an memory out-of-bounds write in ioctl cmd FBIOPUT_VSCREENINFO. By sending malicious data, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/231424 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H)

CVEID:CVE-2021-33656
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by an memory out-of-bounds write in ioctl cmd PIO_FONT. By setting font with malicious data, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/231423 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H)

CVEID:CVE-2022-1462
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a race condition in drivers/tty/tty_buffers.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227501 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-1679
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the ath9k_htc_wait_for_target function of the Atheros wireless adapter driver. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges, or cause a denial of service.
CVSS Base score: 7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/226853 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-1789
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the kvm_mmu_invpcid_gva function. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227320 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-20141
**DESCRIPTION:**Google Android could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free due to improper locking in the ip_check_mc_rcu function in igmp.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/228896 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-2196
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a regression within KVM: nVMX that allowed for speculative execution attacks. An attacker could exploit this vulnerability to execute code on an indirect branch on the host machine.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/244830 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)

CVEID:CVE-2022-2663
**DESCRIPTION:**Linux Kernel could allow a remote attacker to bypass security restrictions, caused by an issue in nf_conntrack_irc. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass firewall.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/234857 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2022-3028
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by race condition in the IP framework for transforming packets (XFRM subsystem). By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 6.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235013 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-30594
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to bypass security restrictions, caused by a flaw in the PT_SUSPEND_SECCOMP ptrace flag. By executing a specially-crafted program, an attacker could exploit this vulnerability to perform permission bypass.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/226017 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-3239
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use after free flaw in the em28xx_usb_probe() function in the video4linux driver. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236815 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-3524
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by an error in the function ipv6_renew_options of the component IPv6 Handler. A remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238725 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2022-3564
**DESCRIPTION:**A use-after-free in the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth in Linux Kernel could allow a remote authenticated attacker from within the local network to cause an unknown impact.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238741 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2022-3566
**DESCRIPTION:**A race condition in the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler in Linux Kernel could allow a remote authenticated attacker from within the local network to cause an unknown impact.
CVSS Base score: 4.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238743 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2022-3567
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a race condition flaw in the inet6_stream_ops/inet6_dgram_ops function in the IPv6 Handler. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238744 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H)

CVEID:CVE-2022-3619
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. A remote authenticated attacker from within the local network could exploit this vulnerability to cause a denial of service.
CVSS Base score: 3.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238750 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2022-3623
**DESCRIPTION:**A race condition in the function follow_page_pte of the file mm/gup.c of the component BPFin Linux Kernel could allow a remote authenticated attacker to cause an unknown impact.
CVSS Base score: 5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239446 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2022-3625
**DESCRIPTION:**A use-after-free in the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec in Linux Kernel could allow a remote authenticated attacker from within the local network to cause a denial of service.
CVSS Base score: 2.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239444 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2022-3628
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by an intra-object buffer overflow in brcmfmac. By using a specially-crafted USB device, a physical attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 4.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241734 for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-3707
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a double-free memory flaw in the intel_gvt_dma_map_guest_page function. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/249364 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-39188
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a race condition between munmap() and unmap_mapping_range() functions. By executing a specially-crafted program, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 4.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/234979 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-39189
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by the failure to clear KVM_VCPU_PREEMPTED by KVM instruction emulation. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/234702 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-41218
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in drivers/media/dvb-core/dmxdev.c due to refcount races. A local attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236698 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-4129
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a race condition and NULL pointer dereference flaw due to missing lock when clearing sk_user_data in the Layer 2 Tunneling Protocol (L2TP). By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241397 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-41674
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a buffer overflow in the cfg80211_update_notlisted_nontrans() function in net/wireless/scan.c in the WiFi subcomponent. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause the system to crash or obtain sensitive kernel information.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238555 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)

CVEID:CVE-2022-42703
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw related to leaf anon_vma double reuse in mm/rmap.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238058 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-42720
**DESCRIPTION:**Linux Kernel could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the bss_ref_get function in net/wireless/scan.c in the multi-BSSID element. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause the system to crash.
CVSS Base score: 8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238557 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-42721
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a list corruption flaw in the cfg80211_add_nontrans_list function in net/wireless/scan.c. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238558 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-42722
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a flaw in P2P-Device in wifi in ieee80211_rx_h_decrypt in net/mac80211/rx.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238559 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-43750
**DESCRIPTION:**An unspecified vulnerability in drivers/usb/mon/mon_bin.c in usbmon in the Linux Kernel could allow a local authenticated attacker to corrupt the monitor’s internal memory.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239130 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-47929
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in the traffic control subsystem. By using specially crafted traffic control configuration that is set up with “tc qdisc” and “tc class” commands, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245174 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-0394
**DESCRIPTION:**Linux Kernel s vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the rawv6_push_pending_frames function in net/ipv6/raw.c. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause the system to crash.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245058 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-0461
**DESCRIPTION:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. An attacker could exploit this vulnerability to gain elevated privileges on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/248801 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2023-1195
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the reconn_set_ipaddr_from_hostname function in fs/cifs/connect.c. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/255838 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-1582
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a race condition in fs/proc/task_mmu.c in the memory management sub-component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/252172 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-23454
**DESCRIPTION:**Linux Kernel is vulnerable to a denial of service, caused by a slab-out-of-bounds read flaw in the cbq_classify function in net/sched/sch_cbq.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/244597 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-23471
**DESCRIPTION:**containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to exhaust memory on the host, and results in a denial of service condition.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241615 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-20883
**DESCRIPTION:**VMware Tanzu Spring Boot is vulnerable to a denial of service, caused by a flaw when Spring MVC is used together with a reverse proxy cache. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/255809 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2019-11254
**DESCRIPTION:**Kubernetes is vulnerable to a denial of service, caused by a flaw in kube-apiserver. By sending a specially-crafted request using YAML payloads, a remote authenticated attacker could exploit this vulnerability to consume excessive CPU cycles.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/178935 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2021-3121
**DESCRIPTION:**An unspecified error with the lack of certain index validation, aka the skippy peanut butter issue in GoGo Protobuf has an unknown impact and attack vector.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/194539 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2019-9764
**DESCRIPTION:**HashiCorp Consul could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for agent-to-agent TLS communication. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/159148 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2020-25864
**DESCRIPTION:**HashiCorp Consul is vulnerable to cross-site scripting, caused by improper validation of user-supplied input of the key-value store by the KV API. A remote attacker could exploit this vulnerability using the raw parameter to inject malicious script into a Web page which would be executed in a victim’s Web browser once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200493 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:CVE-2020-29529
**DESCRIPTION:**HashiCorp go-slug could allow a remote attacker to traverse directories on the system, caused by a flaw in handling files and symlinks in Unpack function. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/…/) to view arbitrary files on the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/192621 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2020-7919
**DESCRIPTION:**Go is vulnerable to a denial of service. By sending a malformed X.509 certificate, a remote attacker could exploit this vulnerability to cause a system panic.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/178227 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-9283
**DESCRIPTION:**Golang golang.org/x/crypto is vulnerable to a denial of service, caused by an error during signature verification in the golang.org/x/crypto/ssh package. By persuading a victim to run a specially crafted file, a remote attacker could exploit this vulnerability to cause a panic.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/176688 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2021-38698
**DESCRIPTION:**HashiCorp Consul and Consul Enterprise could allow a remote authenticated attacker to obtain sensitive information, caused by improper permission validation when registering a proxy for any other service. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to service traffic information, and use this information to launch further attacks against the affected system.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/208813 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2022-40716
**DESCRIPTION:**Hashicorp Consul and Consul Enterprise could allow a remote attacker to bypass security restrictions, caused by improper validating multiple SAN URI values in a CSR on the internal RPC endpoint. By sending a specially-crafted CSR request, an attacker could exploit this vulnerability to bypass Consul service mesh intentions.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237008 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-1297
**DESCRIPTION:**Hashicorp Consul and Consul Enterprise are vulnerable to a denial of service, caused by a flaw in the cluster peering implementation. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/257599 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-7676
**DESCRIPTION:**angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/183379 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N)

CVEID:CVE-2019-14863
**DESCRIPTION:**Angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/173893 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:CVE-2023-1732
**DESCRIPTION:**CIRCL could allow a remote attacker to obtain sensitive information, caused by a missing standardized error handling mechanism when sampling randomness for a shared secret. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to obtain shared secrets and use this information to launch further attacks against the affected system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/255650 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N)

CVEID:CVE-2023-30861
**DESCRIPTION:**Pallets Flask could allow a remote attacker to obtain sensitive information, caused by missing Vary: Cookie header. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain permanent session cookie information, and use this information to launch further attacks against the affected system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/254247 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	4.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x

Remediation/Fixes

IBM strongly suggests that you address the vulnerabilities now for all affected products/versions listed above by installing Fix:

<https://www.ibm.com/docs/en/cloud-paks/cloud-pak-watson-aiops/4.1.0?topic=upgrading&gt;

Workarounds and Mitigations

None