CVE-2023-24593, CVE-2023-25180 may affect Ubuntu Operating System packages shipped with IBM CICS TX Advanced 10.1. IBM CICS TX Advanced 10.1 has addressed the applicable CVEs.
CVEID:CVE-2023-24593
**DESCRIPTION:**GNOME GLib is vulnerable to a denial of service, caused by a flaw when handling a malicious text-form variant. By sending a specially crafted input, a local attacker could exploit this vulnerability to cause looping superlinear to its text size, and results in a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/251339 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-25180
**DESCRIPTION:**GNOME GLib is vulnerable to a denial of service, caused by a flaw when handling a malicious serialised variant. By sending a specially crafted input, a local attacker could exploit this vulnerability to cause allocations or looping superlinear to its serialised size, and results in a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/251344 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM CICS TX Advanced | 10.1 |
Product | Version | Platform | Remediation / Fix |
---|---|---|---|
IBM CICS TX Advanced |
10.1
| Linux| Fix Central Link
None