CVE-2014-0930

2014-05-0810:55:03

[email protected]

web.nvd.nist.gov

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

5.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.

Affected configurations

Nvd

Node

ibmviosMatch2.2.0.10

ibmviosMatch2.2.0.11

ibmviosMatch2.2.0.12

ibmviosMatch2.2.0.13

ibmviosMatch2.2.1.0

ibmviosMatch2.2.1.1

ibmviosMatch2.2.1.3

ibmviosMatch2.2.1.4

ibmviosMatch2.2.2.0

ibmviosMatch2.2.3.0

ibmaixMatch5.3

ibmaixMatch6.1

ibmaixMatch7.1

VendorProductVersionCPE
ibmvios2.2.0.10cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*
ibmvios2.2.0.11cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*
ibmvios2.2.0.12cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*
ibmvios2.2.0.13cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*
ibmvios2.2.1.0cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*
ibmvios2.2.1.1cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*
ibmvios2.2.1.3cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*
ibmvios2.2.1.4cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:*
ibmvios2.2.2.0cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:*
ibmvios2.2.3.0cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	vios	2.2.0.10	cpe:2.3:a:ibm:vios:2.2.0.10:::::::*
ibm	vios	2.2.0.11	cpe:2.3:a:ibm:vios:2.2.0.11:::::::*
ibm	vios	2.2.0.12	cpe:2.3:a:ibm:vios:2.2.0.12:::::::*
ibm	vios	2.2.0.13	cpe:2.3:a:ibm:vios:2.2.0.13:::::::*
ibm	vios	2.2.1.0	cpe:2.3:a:ibm:vios:2.2.1.0:::::::*
ibm	vios	2.2.1.1	cpe:2.3:a:ibm:vios:2.2.1.1:::::::*
ibm	vios	2.2.1.3	cpe:2.3:a:ibm:vios:2.2.1.3:::::::*
ibm	vios	2.2.1.4	cpe:2.3:a:ibm:vios:2.2.1.4:::::::*
ibm	vios	2.2.2.0	cpe:2.3:a:ibm:vios:2.2.2.0:::::::*
ibm	vios	2.2.3.0	cpe:2.3:a:ibm:vios:2.2.3.0:::::::*