
IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Assault


IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system that could lead to denial-of-service (DoS) conditions.

The affected kernel extensions, perfstat and TCP/IP, present risks to systems running AIX 7.2, AIX 7.3, VIOS 3.1, and VIOS 4.1.

The vulnerabilities are tracked as CVE-2024-47102 and CVE-2024-52906, each with a Common Vulnerability Scoring System (CVSS) base score of 5.5 (medium severity).

Overview of Vulnerabilities

CVE-2024-47102 and CVE-2024-52906 are two medium-severity (CVSS 5.5) flaws in AIX kernel extensions; both are local, unauthenticated-to-root attacks on availability rather than remote or code-execution issues.

CVE-2024-47102, classified under CWE-20 (Improper Input Validation), is exploitable in the AIX perfstat kernel extension by a non-privileged local user, leading to denial of service through a system crash or process disruption.

Similarly, CVE-2024-52906, identified in the AIX TCP/IP kernel extension, arises from a race condition (CWE-362) that a local user can trigger to cause a DoS. Because the fault is in a kernel extension, the impact is to the whole partition, not just the offending process, which is why both are treated as risks to system stability even though they grant no additional privileges.

Affected Versions

The affected products and filesets, as given in the bulletin summary, are:

Product    Key affected fileset        Affected fileset level range
AIX 7.2    bos.net.tcp.client_core     AIX 7.2.5.0 – AIX 7.3.2.1
AIX 7.3    bos.perf.perfstat           AIX 7.2.5.0 – AIX 7.3.2.0
VIOS 3.1   bos.net.tcp.client_core     AIX 7.2.5.0 – AIX 7.3.2.1
VIOS 4.1   bos.perf.perfstat           AIX 7.2.5.0 – AIX 7.3.2.0

Exposure is determined by the installed fileset level, not only the product version; check the levels of bos.net.tcp.client_core and bos.perf.perfstat with lslpp -L and compare them against the ranges in the bulletin.

Remediation and Fixes

IBM strongly recommends applying the available fixes to mitigate these vulnerabilities. Fixes are available for all affected AIX and VIOS versions.

A reboot is generally required after installation, but administrators can use Live Update on AIX 7.2 and 7.3 to avoid downtime.

  1. Updating AIX and VIOS
    The fixes can be downloaded from IBM's AIX efixes platform. Example interim fix packages include:
  • IJ52366s6a.241113.epkg.Z (TCP/IP kernel extension)
  • IJ52533m8a.241204.epkg.Z (perfstat kernel extension)
    Verify the integrity of downloaded files against the SHA-256 checksums published with the fixes before installing them.

Installing Fix Packages: preview or install fixes using these commands:

  • Preview fix installation:
    installp -a -d fix_name -p all
  • Install fix:
    installp -a -d fix_name -X all

For interim fixes:

  • Preview interim fix:
    emgr -e ipkg_name -p
  • Install interim fix:
    emgr -e ipkg_name -X

IBM advises creating a mksysb backup of the system prior to any updates, and confirming that it is bootable and readable, so that a failed update can be rolled back. No workarounds or mitigations are available for these vulnerabilities, so patching is the only remediation.

IBM encourages administrators to subscribe to My Notifications to receive updates on future security bulletins.

These vulnerabilities highlight the importance of keeping operating systems up to date with the latest security patches.

By addressing CVE-2024-47102 and CVE-2024-52906, organizations can safeguard their AIX systems against these denial-of-service conditions.
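The steps above (check installed fileset levels, verify the epkg checksum, check whether the efix is already applied, preview with emgr -p) can be scripted as a pre-flight check. The following POSIX sh script is an added example, not code from IBM's bulletin or from this article. It assumes placeholder fileset levels in its constructed lslpp sample and expects the real SHA-256 value for each epkg to be supplied from the bulletin; the AIX-only commands (lslpp, emgr) are confined to the preflight function so the helpers can be exercised on any host.

```shell
#!/bin/sh
# Added example, not code from IBM or the article: pre-flight checks for the efix
# procedure above. AIX commands (lslpp, emgr) are only invoked inside preflight();
# the helpers are pure shell so they also run on a non-AIX host.
# ASSUMPTIONS: the fileset levels in SAMPLE_LSLPP and the expected SHA-256 passed
# to preflight() are placeholders; take the real values from the IBM bulletin.

# Compare two dotted fileset levels (e.g. 7.2.5.200 vs 7.2.5.201); prints -1, 0 or 1.
cmp_level() {
    i=1
    while [ "$i" -le 4 ]; do
        x=$(printf '%s' "$1" | cut -d. -f"$i")
        y=$(printf '%s' "$2" | cut -d. -f"$i")
        if [ "${x:-0}" -lt "${y:-0}" ]; then echo -1; return 0; fi
        if [ "${x:-0}" -gt "${y:-0}" ]; then echo 1; return 0; fi
        i=$((i + 1))
    done
    echo 0
}

# True (exit 0) when level $1 lies within [$2, $3] inclusive.
level_in_range() {
    [ "$(cmp_level "$1" "$2")" -ge 0 ] && [ "$(cmp_level "$1" "$3")" -le 0 ]
}

# Extract the installed level of fileset $2 from `lslpp -Lc` output passed as $1
# (colon-separated: field 2 is the fileset name, field 3 its level).
fileset_level() {
    printf '%s\n' "$1" | awk -F: -v fs="$2" '$2 == fs { print $3; exit }'
}

# Check a downloaded epkg against the SHA-256 published by IBM before emgr sees it.
verify_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        actual=$(sha256sum "$1" | awk '{ print $1 }')
    else
        actual=$(openssl dgst -sha256 -r "$1" | awk '{ print $1 }')
    fi
    [ "$actual" = "$2" ]
}

# Constructed sample of `lslpp -Lc` output with placeholder levels (not real data).
SAMPLE_LSLPP='bos.net.tcp.client_core:bos.net.tcp.client_core:7.2.5.200: : :C:F:TCP/IP Client Core Support: : : : : : :0:0:/:2349
bos.perf.perfstat:bos.perf.perfstat:7.2.5.100: : :C:F:Performance Statistics Interface: : : : : : :0:0:/:2349'

# Runs on AIX only: verify the package, skip it if its label is already applied,
# then preview the install. Usage: preflight /tmp/IJ52366s6a.241113.epkg.Z <sha256>
preflight() {
    epkg=$1; expected=$2
    verify_sha256 "$epkg" "$expected" || { echo "checksum mismatch: $epkg" >&2; return 1; }
    name=${epkg##*/}; label=${name%%.*}        # IJ52366s6a.241113.epkg.Z -> IJ52366s6a
    if emgr -l 2>/dev/null | grep -q "$label"; then
        echo "$label already installed"; return 0
    fi
    lslpp -Lc bos.net.tcp.client_core bos.perf.perfstat   # record current levels
    emgr -e "$epkg" -p                                    # preview; drop -p for the real install
}

if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```

Run it once per epkg with the published checksum after the mksysb has been taken; the script deliberately stops at the emgr preview so that the real install (emgr -e ... -X) remains an explicit, separate step.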
