CVE-2022-43848 IBM AIX denial of service

2022-12-2319:06:02

CWE-20

ibm

www.cve.org

ibm

aix

denial of service

vulnerability

perfstat

kernel extension

local user

non-privileged

x-force id

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.8%

JSON

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "AIX",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.1, 7.2, 7.3, VIOS 3.1"
      }
    ]
  }
]