CVE-2008-1594 — IBM AIX vulnerability

3 documents3 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 83.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedMar 31

Latest updateMay 1

Description

The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing JFS2 filesystems on concurrent volume groups spread across multiple nodes, which allows local users of one node to cause a denial of service (remote node crash) by using chfs or lreducelv to reduce a filesystem's size.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

▶NVDibm/aix5.2, 5.3, 6.1+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-9mx8-5rcr-64g4: The kernel in IBM AIX 5↗2022-05-01

▶

CVEList

CVE-2008-1594: The kernel in IBM AIX 5↗2008-03-31

▶