Local User Exploitation in IBM AIX TCP/IP Kernel Extension
CVE-2024-52906

5.5MEDIUM

Key Information:

Vendor: IBM
Status: Aix
Vendor: CVE Published:; 25 December 2024

🔔 Create IBM Vulnerability Alert

Badges

📰 News Worthy

What is CVE-2024-52906?

IBM AIX versions 7.2, 7.3, and Virtual I/O Server (VIOS) versions 3.1 and 4.1 are susceptible to a vulnerability that can be exploited by local users. This issue resides within the TCP/IP kernel extension, which could allow a non-privileged user to disrupt normal system operations. If exploited, this vulnerability can result in a denial of service, hindering system availability and performance.

Affected Version(s)

AIX 7.2, 7.3, VIOS 3.1, 4.1

News Articles

CybersecurityNews

CVE-2024-47102 CVE-2024-52906

IBM AIX Vulnerability Let Attackers Trigger DoS Condition

IBM has reported vulnerabilities in its AIX operating system that could allow attackers to cause a Denial of Service (DoS) condition.

thmubnail image

References

https://www.ibm.com/support/pages/node/7179826

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by CybersecurityNews
Dec 26, 2024
Vulnerability published
Dec 25, 2024
Vulnerability Reserved
Nov 17, 2024

.

CVE-2024-52906 : Local User Exploitation in IBM AIX TCP/IP Kernel Extension