IBM AIX Vulnerability Let Attackers Trigger DoS Condition


IBM has reported vulnerabilities in its AIX operating system that could allow attackers to cause a Denial of Service (DoS) condition.

The identified vulnerabilities affect specific kernel extensions, potentially disrupting normal system operations.

Details of the Vulnerabilities:

IBM AIX is vulnerable in its TCP/IP and perfstat kernel extensions. Two distinct Common Vulnerabilities and Exposures (CVEs) have been issued:

CVE-2024-47102:

CVE-2024-47102 is a vulnerability in the AIX perfstat kernel extension arising from improper input validation (CWE-20).


A non-privileged local user can exploit this flaw to trigger a denial of service (DoS), significantly impacting system availability (A:H). It has a CVSS Base Score of 5.5, classifying it as a medium-severity issue. 

CVE-2024-52906:

CVE-2024-52906 involves a race condition (CWE-362) within the AIX TCP/IP kernel extension.

This flaw also allows a non-privileged local attacker to cause a DoS condition, with the same medium severity CVSS Base Score of 5.5.

Both vulnerabilities impact availability only, require local access, and need no user interaction; their exploitation complexity is low.

Affected Products and Versions

The vulnerabilities affect the following IBM AIX and VIOS product versions:

Affected Product(s)    Version(s)
AIX                    7.2
AIX                    7.3
VIOS                   3.1
VIOS                   4.1

IBM advises users to check their system for the affected filesets using the lslpp command outlined in the AIX user guide.

Patching to newer, non-vulnerable versions of the affected filesets is strongly recommended to mitigate the risk.
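The fileset check above is done with lslpp, but the advisory text here does not list the affected fileset names or the levels that contain the fix. The script below is an added example, not IBM's tooling or part of the bulletin: it compares the colon-separated output of "lslpp -Lc" against a list of minimum fixed levels and reports any fileset that is still below its fix. The fileset names and fix levels in it are placeholders and must be replaced with the values from IBM's security bulletin for CVE-2024-47102 and CVE-2024-52906; the sample lslpp output is constructed so the script runs offline.

```shell
#!/bin/sh
# Added example (not from the IBM advisory): compare installed AIX fileset
# levels against the minimum fixed levels published for the CVEs.
# Fileset names and fixed levels below are PLACEHOLDERS; substitute the
# values from IBM's security bulletin before use.

# One "fileset minimum_fixed_level" pair per line (constructed placeholders).
FIXED_LEVELS='
bos.perf.example.perfstat 7.2.5.999
bos.net.example.tcp 7.3.2.999
'

# version_lt A B: succeed (0) when dotted level A is lower than B.
# AIX fileset levels are V.R.M.F; each field is compared numerically.
version_lt() {
    a="$1"; b="$2"
    i=1
    while [ "$i" -le 4 ]; do
        fa=$(printf '%s' "$a" | cut -d. -f"$i")
        fb=$(printf '%s' "$b" | cut -d. -f"$i")
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then return 0; fi
        if [ "$fa" -gt "$fb" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1
}

# fixed_level_for FILESET: print the minimum fixed level, or nothing if the
# fileset is not one we track.
fixed_level_for() {
    printf '%s\n' "$FIXED_LEVELS" | awk -v f="$1" '$1 == f { print $2 }'
}

# report_vulnerable: read "lslpp -Lc" style lines on stdin (colon-separated,
# fileset in field 2, level in field 3) and print one line for every tracked
# fileset whose installed level is below its minimum fixed level.
report_vulnerable() {
    while IFS=: read -r pkg fileset level rest; do
        case "$pkg" in '#'*|'') continue ;; esac   # skip header and blank lines
        min=$(fixed_level_for "$fileset")
        [ -n "$min" ] || continue
        if version_lt "$level" "$min"; then
            printf '%s %s (fix: %s)\n' "$fileset" "$level" "$min"
        fi
    done
}

# Constructed sample in the shape of "lslpp -Lc" output. On a real system run:
#   lslpp -Lc | report_vulnerable
SAMPLE_LSLPP='#Package Name:Fileset:Level:State:PTF Id:Fix State:Type:Description
bos.perf:bos.perf.example.perfstat:7.2.5.100:C: :N:F:Constructed perfstat fileset
bos.net:bos.net.example.tcp:7.3.2.999:C: :N:F:Constructed TCP/IP fileset
bos.rte:bos.rte.libc:7.3.2.1:C: :N:F:libc Library'

# count_vulnerable: number of flagged filesets in the constructed sample.
count_vulnerable() {
    printf '%s\n' "$SAMPLE_LSLPP" | report_vulnerable | wc -l | tr -d ' '
}
```

In the constructed sample only the perfstat placeholder is flagged: its installed level 7.2.5.100 is below the placeholder fix 7.2.5.999, while the TCP/IP placeholder is already at its fix level and bos.rte.libc is not tracked. Numeric per-field comparison matters because string comparison would wrongly rank 7.2.5.100 above 7.2.5.99.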

Administrators should ensure they monitor IBM advisories for further updates and security patches to avoid system disruptions caused by these vulnerabilities.
