IBM AIX TCP/IP vulnerability allows Denial of Service attacks

Home/BOTNET, Exploitation, Internet Security, Security Advisory, Security Update, vulnerability/IBM AIX TCP/IP vulnerability allows Denial of Service attacks

IBM AIX TCP/IP vulnerability allows Denial of Service attacks

IBM has warned of two security flaws (CVE-2024-47102 and CVE-2024-52906) in its AIX operating system that could cause systems to crash (denial-of-service attacks).

These flaws affect specific parts of AIX used for performance monitoring (perfstat) and network communication (TCP/IPmp), potentially impacting systems running on versions 7.2, 7.3, VIOS 3.1, and 4.1.

IBM AIX TCP/IP vulnerability

Two critical security flaws (CVE-2024-47102 and CVE-2024-52906) have been found in the AIX operating system.

  • CVE-2024-47102: This flaw in the “perfstat” part of AIX allows attackers to crash the system or disrupt processes.
  • CVE-2024-52906: This flaw in the “TCP/IP” part of AIX can also be exploited to crash the system.

Affected Versions

ProductAffected VersionKey Affected FilesetImpacted Version Range
AIX 7.2AIX 7.2.5.0 – AIX 7.3.2.1bos.net.tcp.client_coreAIX 7.2.5.0 – AIX 7.3.2.1
AIX 7.3AIX 7.2.5.0 – AIX 7.3.2.0bos.perf.perfstatAIX 7.2.5.0 – AIX 7.3.2.0
VIOS 3.1AIX 7.2.5.0 – AIX 7.3.2.1bos.net.tcp.client_coreAIX 7.2.5.0 – AIX 7.3.2.1
VIOS 4.1AIX 7.2.5.0 – AIX 7.3.2.0bos.perf.perfstatAIX 7.2.5.0 – AIX 7.3.2.0

To protect your systems:

  • Apply the available fixes: IBM provides fixes for these vulnerabilities.
  • Reboot your systems: This is usually necessary after applying the fixes.
  • Use Live Update (if available): AIX 7.2 and 7.3 offer Live Update, which allows you to apply fixes without downtime.

How to get the fixes:

  • Download from IBM: You can download the fixes from IBM’s platform.
  • Example fix packages:
    • IJ52366s6a.241113.epkg.Z (for TCP/IP)
    • IJ52533m8a.241204.epkg.Z (for perfstat)
  • Verify downloads: Always verify the integrity of downloaded files using SHA-256 checksums.

To install fixes:

  • Preview the fix:
    • For regular fixes: installp -a -d fix_name -p all
    • For interim fixes: emgr -e ipkg_name -p
  • Install the fix:
    • For regular fixes: installp -a -d fix_name -X all
    • For interim fixes: emgr -e ipkg_name -X

IBM strongly recommends creating an mksysb backup of your system before applying any updates. The backup must be bootable and readable to allow for a smooth recovery in case of update-related issues.

These vulnerabilities have no workarounds or mitigations, making immediate action essential. IBM encourages administrators to subscribe to My Notifications to stay informed about future security bulletins. These vulnerabilities highlight the critical importance of keeping operating systems up-to-date with the latest security patches. By addressing CVE-2024-47102 and CVE-2024-52906, organizations can protect their AIX systems from potential denial-of-service attacks.

Post Views: 181
By | 2024-12-31T10:34:57+05:30 December 27th, 2024|BOTNET, Exploitation, Internet Security, Security Advisory, Security Update, vulnerability|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!