CVE-2012-0723Improper Input Validation in IBM Vios

CWE-20Improper Input Validation3 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.1%
top 79.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM AIXIBM Vios
Timeline
PublishedJul 30
Latest updateMay 13

Description

The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages2 packages

NVDibm/vios2.2.1.4
NVDibm/aix5.3, 6.1, 7.1+2

🔴Vulnerability Details

2
GHSA
GHSA-7c3c-j4r2-p999: The kernel in IBM AIX 52022-05-13
CVEList
CVE-2012-0723: The kernel in IBM AIX 52012-07-30
CVE-2012-0723 — Improper Input Validation in IBM Vios | cvebase