IBM AIX和Virtual I/O Server 'dupmsg'系统呼叫本地拒绝服务漏洞

BUGTRAQ ID: 54706 CVE ID: CVE-2012-0723 AIX是一个基于开放标准的UNIX操作系统，为用户提供企业信息技术基础架构。Virtual I/O Server 提供了命令行的管理方式，通过命令行可以管理VIOS。 IBM AIX和Virtual I/O Server在导出"dupmsg"内核扩展调用到用户空间时存在错误，在实现上存在本地拒绝服务漏洞，攻击者可利用此漏洞使受影响计算机崩溃。 0 IBM AIX 7.x IBM AIX 6.x IBM AIX 5.x IBM Virtual I/O Server VIOS 2.x 厂商补丁： IBM ---...

CVE-2012-0723

Summary: Local denial of service on IBM AIX 5.3/6.1/7.1 and VIOS 2.2.1.4-FP-25 SP-02 due to a flaw in the dupmsg kernel call. Root cause: a kernel extension call is exported to user space without proper sanity checks, allowing a crafted application to crash the system. Impacted components: AIX ke...

Vulnerability in AIX system call

IBM SECURITY ADVISORY First Issued: Thu Jul 26 12:59:02 CDT 2012 | Update: Wed Oct 24 8:49:40 CDT 2012 | Update: Updated interim fix file names | Update: New ifixes for the latest SP's | Updated: Thu Dec 12 12:55:11 CST 2013 | Update: 1. Added KEYs for parsing purposes | 2. Moved to OpenSSL...