The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing JFS2 filesystems on concurrent volume groups spread across multiple nodes, which allows local users of one node to cause a denial of service (remote node crash) by using chfs or lreducelv to reduce a filesystems size.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Aix | Ibm | 5.2 (including) | 5.2 (including) |
| Aix | Ibm | 5.3 (including) | 5.3 (including) |
| Aix | Ibm | 6.1 (including) | 6.1 (including) |
References
- http://securitytracker.com/id?1019606
- http://www.ibm.com/support/docview.wss?uid=isg1IZ04946
- http://www.ibm.com/support/docview.wss?uid=isg1IZ04953
- http://www.ibm.com/support/docview.wss?uid=isg1IZ05246
- http://www.securityfocus.com/bid/28467
- http://www.vupen.com/english/advisories/2008/0865
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4153
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4154
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4155
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5434
- http://securitytracker.com/id?1019606
- http://www.ibm.com/support/docview.wss?uid=isg1IZ04946
- http://www.ibm.com/support/docview.wss?uid=isg1IZ04953
- http://www.ibm.com/support/docview.wss?uid=isg1IZ05246
- http://www.securityfocus.com/bid/28467
- http://www.vupen.com/english/advisories/2008/0865
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4153
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4154
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4155
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5434