The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, and 6.1 does not properly protect kernel memory, which allows local users to read and modify portions of memory and gain privileges via unspecified vectors involving a restart of a 64-bit process, probably related to the as_getadsp64 function.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Aix | Ibm | 5.2 (including) | 5.2 (including) |
| Aix | Ibm | 5.3 (including) | 5.3 (including) |
| Aix | Ibm | 6.1 (including) | 6.1 (including) |
References
- http://securitytracker.com/id?1019606
- http://www.ibm.com/support/docview.wss?uid=isg1IZ11820
- http://www.ibm.com/support/docview.wss?uid=isg1IZ12794
- http://www.ibm.com/support/docview.wss?uid=isg1IZ16992
- http://www.ibm.com/support/docview.wss?uid=isg1IZ17111
- http://www.securityfocus.com/bid/28467
- http://www.vupen.com/english/advisories/2008/0865
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4153
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4154
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4155
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4595
- http://securitytracker.com/id?1019606
- http://www.ibm.com/support/docview.wss?uid=isg1IZ11820
- http://www.ibm.com/support/docview.wss?uid=isg1IZ12794
- http://www.ibm.com/support/docview.wss?uid=isg1IZ16992
- http://www.ibm.com/support/docview.wss?uid=isg1IZ17111
- http://www.securityfocus.com/bid/28467
- http://www.vupen.com/english/advisories/2008/0865
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4153
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4154
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4155
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4595