CVE-2008-1593
First published: Mon Mar 31 2008(Updated: )
The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, and 6.1 does not properly protect kernel memory, which allows local users to read and modify portions of memory and gain privileges via unspecified vectors involving a restart of a 64-bit process, probably related to the as_getadsp64 function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM AIX | =5.3 | |
| IBM AIX | =5.2 | |
| IBM AIX | =6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4153
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4154
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4155
- http://www.ibm.com/support/docview.wss?uid=isg1IZ11820
- http://www.ibm.com/support/docview.wss?uid=isg1IZ12794
- http://www.ibm.com/support/docview.wss?uid=isg1IZ16992
- http://www.ibm.com/support/docview.wss?uid=isg1IZ17111
- http://www.securityfocus.com/bid/28467
- http://securitytracker.com/id?1019606
- http://www.vupen.com/english/advisories/2008/0865
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4595
Frequently Asked Questions
What is the severity of CVE-2008-1593?
CVE-2008-1593 has a high severity rating due to its potential to allow local users to gain elevated privileges.
Which versions of IBM AIX are affected by CVE-2008-1593?
CVE-2008-1593 affects IBM AIX versions 5.2, 5.3, and 6.1.
How do I fix CVE-2008-1593?
To fix CVE-2008-1593, you should apply the latest security patches released by IBM for your version of AIX.
What type of attacks can be performed using CVE-2008-1593?
CVE-2008-1593 can be exploited by local users to read and modify kernel memory, which can lead to privilege escalation.
Is there a workaround for CVE-2008-1593?
While applying patches is the best solution, restricting access to the affected AIX systems can serve as a temporary workaround.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/ibm
- canonical/ibm aix
- version/ibm aix/5.3
- version/ibm aix/5.2
- version/ibm aix/6.1