CVE-2012-2192 — IBM Vios vulnerability

CWE-3993 documents3 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 81.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX IBM Vios

Timeline

PublishedJun 20

Latest updateMay 13

Description

The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages2 packages

▶NVDibm/vios2.2.1.4

▶NVDibm/aix5.3, 6.1, 7.1+2

🔴Vulnerability Details

GHSA

GHSA-845h-p5w8-7w6g: The socketpair function in IBM AIX 5↗2022-05-13

▶

CVEList

CVE-2012-2192: The socketpair function in IBM AIX 5↗2012-06-20

▶