CVE-2012-4833 — IBM Vios vulnerability

CWE-2643 documents3 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 83.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX IBM Vios

Timeline

PublishedOct 1

Latest updateMay 13

Description

fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/vios2.2.1.4

▶NVDibm/aix6.1, 7.1+1

Patches

Patch: aix.software.ibm.com ↗Patch: aix.software.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-7m3h-259r-858p: fuser in IBM AIX 6↗2022-05-13

▶

CVEList

CVE-2012-4833: fuser in IBM AIX 6↗2012-10-01

▶