CVE-2014-0930 | Vulnerability Database | Aqua Security

The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.

Affected Software

Name	Vendor	Start Version	End Version
Vios	Ibm	2.2.0.10 (including)	2.2.0.10 (including)
Vios	Ibm	2.2.0.11 (including)	2.2.0.11 (including)
Vios	Ibm	2.2.0.12 (including)	2.2.0.12 (including)
Vios	Ibm	2.2.0.13 (including)	2.2.0.13 (including)
Vios	Ibm	2.2.1.0 (including)	2.2.1.0 (including)
Vios	Ibm	2.2.1.1 (including)	2.2.1.1 (including)
Vios	Ibm	2.2.1.3 (including)	2.2.1.3 (including)
Vios	Ibm	2.2.1.4 (including)	2.2.1.4 (including)
Vios	Ibm	2.2.2.0 (including)	2.2.2.0 (including)
Vios	Ibm	2.2.3.0 (including)	2.2.3.0 (including)
Aix	Ibm	5.3 (including)	5.3 (including)
Aix	Ibm	6.1 (including)	6.1 (including)
Aix	Ibm	7.1 (including)	7.1 (including)

References

http://aix.software.ibm.com/aix/efixes/security/ptrace_advisory.asc
http://archives.neohapsis.com/archives/bugtraq/2014-05/0031.html
http://www.ibm.com/support/docview.wss?uid=isg1IV58766
http://www.ibm.com/support/docview.wss?uid=isg1IV58840
http://www.ibm.com/support/docview.wss?uid=isg1IV58861
http://www.ibm.com/support/docview.wss?uid=isg1IV58888
http://www.ibm.com/support/docview.wss?uid=isg1IV58948
http://www.ibm.com/support/docview.wss?uid=isg1IV59045
http://www.ibm.com/support/docview.wss?uid=isg1IV59675
https://exchange.xforce.ibmcloud.com/vulnerabilities/92262
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0930/

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-0930
CWE	https://cwe.mitre.org/data/definitions/.html