IBM has recently disclosed critical vulnerabilities in its AIX operating system that could potentially allow attackers to trigger Denial of Service (DoS) conditions, severely affecting the system’s stability and availability. These flaws reside within two key kernel extensions: the TCP/IP extension and the perfstat extension. Both vulnerabilities, which are outlined in CVE-2024-47102 and CVE-2024-52906, pose a significant risk to users if left unpatched. IBM has strongly advised administrators to address these vulnerabilities immediately by applying available patches to avoid system disruptions and protect their infrastructure.
The first vulnerability, CVE-2024-47102, is caused by improper input validation in the AIX perfstat kernel extension, classified under CWE-20. This flaw enables a non-privileged local user to exploit the system and cause a DoS condition. With a CVSS Base Score of 5.5, the vulnerability is considered medium severity, but the potential for significant system downtime makes it a noteworthy concern for administrators. Once exploited, the system’s availability could be greatly compromised, leading to performance degradation or complete outages that could disrupt business operations.
The second vulnerability, CVE-2024-52906, is a race condition found in the TCP/IP kernel extension, classified under CWE-362. Like the first vulnerability, it allows a non-privileged local attacker to trigger a DoS condition with the same CVSS Base Score of 5.5. The race condition in the TCP/IP extension can be exploited by manipulating the timing of processes, which may result in the system becoming unresponsive. While both flaws share a similar severity level and exploitation complexity, they pose distinct risks to different components of the operating system, further highlighting the need for a comprehensive security response.
To mitigate these vulnerabilities, IBM urges all users of affected versions of the AIX operating system to check their systems using the lslpp command to identify vulnerable filesets. Users should then patch their systems by updating to the latest versions that contain fixes for the vulnerabilities. The AIX operating system versions impacted include AIX 7.2, AIX 7.3, and VIOS 3.1 and 4.1. Administrators are also advised to stay up to date with IBM’s security advisories to ensure continued protection against emerging threats. Implementing these recommendations is crucial in maintaining system integrity and preventing potential disruptions that could affect business continuity.
