Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Git [CVE-2022-41903]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Git caused by an integer overflow when processing the padding operators CVE-2022-41903. Git is included as part of the Base OS used by our service images. Please read the details f...

Integer Overflow

git is vulnerable to integer overflows. When processing the padding operators, there is a integer overflow in pretty.c::formatandpadcommit where a sizet is stored improperly as an int, and then added as an offset to a memcpy. This overflow can be triggered directly by a user running a command whi...

git -- Heap overflow in `git archive`, `git log --format` leading to RCE

The git team reports: git log has the ability to display commits using an arbitrary format with its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators e.g., %, %, or % , an integer overflow can occur in...