Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0930

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2014-0930
Last Modified 08 May 2014 07:56:21
Published 08 May 2014 06:55:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0930

Summary

The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.

Vulnerable Systems

Operating System

  • Ibm Aix 5.3

  • Ibm Aix 6.1

  • Ibm Aix 7.1

  • Ibm Vios 2.2.0.10

  • Ibm Vios 2.2.0.11

  • Ibm Vios 2.2.0.12

  • Ibm Vios 2.2.0.13

  • Ibm Vios 2.2.1.0

  • Ibm Vios 2.2.1.1

  • Ibm Vios 2.2.1.3

  • Ibm Vios 2.2.1.4

  • Ibm Vios 2.2.2.0

  • Ibm Vios 2.2.3.0


References

MISC - https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0930/

XF - ibm-aix-cve20140930-dos(92262)

AIXAPAR - IV59675

AIXAPAR - IV59045

AIXAPAR - IV58948

AIXAPAR - IV58888

AIXAPAR - IV58861

AIXAPAR - IV58840

AIXAPAR - IV58766

BUGTRAQ - 20140506 CVE-2014-0930 - Kernel Memory Leak And Denial Of Service Condition in IBM AIX

CONFIRM - http://aix.software.ibm.com/aix/efixes/security/ptrace_advisory.asc


Last Updated: 27 May 2016 11:05:14