First published: Mon May 22 2023
Eclipse OpenJ9 is vulnerable to a buffer overflow caused by improper bounds checking in the getCachedUTFString() function. By supplying specially crafted input, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system.
Credit: emo@eclipse.org
Affected Software | Affected Version | How to fix
---|---|---
Eclipse OpenJ9 | <0.38.0 | 
IBM Cloud Pak for Business Automation | <=V23.0.1 | 
IBM Cloud Pak for Business Automation | <=V21.0.3 - V21.0.3-IF022 | 
IBM Cloud Pak for Business Automation | <=V22.0.2 - V22.0.2-IF006 and later fixes | 
IBM Cloud Pak for Business Automation | V22.0.1 - V22.0.1-IF006 and later fixes | 
IBM Cloud Pak for Business Automation | V21.0.2 - V21.0.2-IF012 and later fixes | 
IBM Cloud Pak for Business Automation | V21.0.1 - V21.0.1-IF007 and later fixes | 
IBM Cloud Pak for Business Automation | V20.0.1 - V20.0.3 and later fixes | 
IBM Cloud Pak for Business Automation | V19.0.1 - V19.0.3 and later fixes | 
IBM Cloud Pak for Business Automation | V18.0.0 - V18.0.2 and later fixes | 
The vulnerability ID of this buffer overflow vulnerability is CVE-2023-2597.
IBM QRadar SIEM version 7.5.0 - 7.5.0 UP6 is affected by this vulnerability.
The severity of CVE-2023-2597 is high, with a severity value of 7.
An attacker can exploit this vulnerability by using specially crafted input to overflow a buffer and execute arbitrary code on the system.
At this time, there are no specific fixes available for this vulnerability. However, it is recommended to keep the software up to date and follow any security advisories from the vendor.