Vigil@nce: AIX, denial of service via WPAR
November 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can use WPAR system calls, in order to stop AIX.
– Severity: 1/4
– Creation date: 14/11/2011
IMPACTED PRODUCTS
– IBM AIX
DESCRIPTION OF THE VULNERABILITY
The Workload Partitioning (WPAR) feature is used to create
virtualized spaces on the AIX system since version 6.1.
This feature requires new system calls. However, if these system
calls receive invalid data, the kernel stops. Technical details
are unknown.
A local attacker can therefore use WPAR system calls, in order to
stop AIX.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/AIX-denial-of-service-via-WPAR-11152