Lucene search

K
ibmIBMD919DD3ABC738C78F022F9616EE0C0EF09AB2836986990B6A556B4429C4C843E
HistoryJan 12, 2023 - 9:59 p.m.

Security Bulletin: Redhat glibc Vulnerability affects Watson Speech Services

2023-01-1221:59:00
www.ibm.com
25

0.0005 Low

EPSS

Percentile

16.5%

Summary

A Redhat glibc Vulnerability affecting Watson Speech Services has been fixed in the latest version of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.3

Vulnerability Details

CVEID:CVE-2021-27645
**DESCRIPTION:**GNU glibc is vulnerable to a denial of service, caused by double-free in the nameserver caching daemon (nscd). By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197417 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.3

Remediation/Fixes

Download and install the newest deployment of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data to your ICP cluster. This deployment contains an upgrade containing the fix for this issue.

Workarounds and Mitigations

None