Denial of Service Vulnerability in IBM AIX and VIOS
CVE-2024-47102

5.5MEDIUM

Key Information:

Vendor: IBM
Status: Aix
Vendor: CVE Published:; 25 December 2024

Summary

A vulnerability exists in the perfstat kernel extension of IBM's AIX and VIOS products, which may be exploited by non-privileged local users. This flaw could lead to a denial of service condition, significantly impacting system availability and performance. Users operating on affected versions are advised to take precautionary measures and apply necessary updates as recommended in the vendor's advisory.

Affected Version(s)

AIX 7.2, 7.3, VIOS 3.1, 4.1

References

https://www.ibm.com/support/pages/node/7179826

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 25, 2024
Vulnerability Reserved
Sep 18, 2024

Collectors

NVD DatabaseMitre Database