IBM AIX Workload Partition System Calls Denial of Service Vulnerability
Secunia Advisory SA46812
Release Date 2011-11-15
Criticality level Less criticalLess critical
Impact DoS
Where Local system
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Vendor Patch
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Operating System
AIX 6.x
AIX 7.x
Secunia CVSS Score Available in Customer Area
CVE Reference(s) CVE-2011-1375 CVSS available in Customer Area
Description
A vulnerability has been reported in IBM AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the "wpar_limits_config" and "wpar_limits_modify" system calls and can be exploited to cause a crash.
The vulnerability is reported in the following versions:
* IBM AIX versions 6.1.5.0 through 5.1.5.8
* IBM AIX versions 6.1.6.0 through 6.1.6.16
* IBM AIX versions 6.1.7.0 and 6.1.7.1
* IBM AIX versions 7.1.0.0 through 7.1.0.15
* IBM AIX version 7.1.1.0
Solution
Apply fix.
Further details available in Customer Area
Provided and/or discovered by
Reported by the vendor.
Original Advisory
IBM:
http://aix.software.ibm.com/aix/efixes/security/wpar_advisory.asc
http://www.ibm.com/support/docview.wss?uid=isg1IV08320
http://www.ibm.com/support/docview.wss?uid=isg1IV08468
http://www.ibm.com/support/docview.wss?uid=isg1IV10227
http://www.ibm.com/support/docview.wss?uid=isg1IV10229
http://www.ibm.com/support/docview.wss?uid=isg1IV10226
ISS X-Force:
http://xforce.iss.net/xforce/xfdb/71211
Posljednje sigurnosne preporuke