What is the severity of CVE-2016-6079?

CVE-2016-6079 has a high severity rating due to the potential for local users to gain root privileges.

How do I fix CVE-2016-6079?

To resolve CVE-2016-6079, apply the latest security updates and patches provided by IBM for affected AIX and VIOS versions.

Who is affected by CVE-2016-6079?

CVE-2016-6079 impacts users of IBM AIX versions 5.3, 6.1, 7.1, and 7.2, as well as certain versions of IBM VIOS.

What type of vulnerability is CVE-2016-6079?

CVE-2016-6079 is an unspecified local privilege escalation vulnerability.

Is there a workaround for CVE-2016-6079?

There are no recommended workarounds for CVE-2016-6079; updating to the fixed version is necessary.

Vulnerability/
CVE-2016-6079

high

7.8

CWE

264

15/2/2017

6/8/2024

CVE-2016-6079

First published: Wed Feb 15 2017(Updated: )

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM AIX	=5.3
IBM AIX	=6.1
IBM AIX	=7.1
IBM AIX	=7.2
IBM Virtual I/O Server (VIOS)	=2.2.0.0
IBM Virtual I/O Server (VIOS)	=2.2.0.10
IBM Virtual I/O Server (VIOS)	=2.2.0.11
IBM Virtual I/O Server (VIOS)	=2.2.0.12
IBM Virtual I/O Server (VIOS)	=2.2.0.13
IBM Virtual I/O Server (VIOS)	=2.2.1.0
IBM Virtual I/O Server (VIOS)	=2.2.1.1
IBM Virtual I/O Server (VIOS)	=2.2.1.3
IBM Virtual I/O Server (VIOS)	=2.2.1.4
IBM Virtual I/O Server (VIOS)	=2.2.1.5
IBM Virtual I/O Server (VIOS)	=2.2.1.6
IBM Virtual I/O Server (VIOS)	=2.2.1.7
IBM Virtual I/O Server (VIOS)	=2.2.1.8
IBM Virtual I/O Server (VIOS)	=2.2.2.0
IBM Virtual I/O Server (VIOS)	=2.2.2.1
IBM Virtual I/O Server (VIOS)	=2.2.2.2
IBM Virtual I/O Server (VIOS)	=2.2.2.3
IBM Virtual I/O Server (VIOS)	=2.2.2.4
IBM Virtual I/O Server (VIOS)	=2.2.2.6
IBM Virtual I/O Server (VIOS)	=2.2.2.70
IBM Virtual I/O Server (VIOS)	=2.2.3.0
IBM Virtual I/O Server (VIOS)	=2.2.3.1
IBM Virtual I/O Server (VIOS)	=2.2.3.2
IBM Virtual I/O Server (VIOS)	=2.2.3.3
IBM Virtual I/O Server (VIOS)	=2.2.3.4
IBM Virtual I/O Server (VIOS)	=2.2.3.50
IBM Virtual I/O Server (VIOS)	=2.2.3.51
IBM Virtual I/O Server (VIOS)	=2.2.3.52
IBM Virtual I/O Server (VIOS)	=2.2.3.60
IBM Virtual I/O Server (VIOS)	=2.2.3.70
IBM Virtual I/O Server (VIOS)	=2.2.3.80
IBM Virtual I/O Server (VIOS)	=2.2.4.0
IBM Virtual I/O Server (VIOS)	=2.2.4.10
IBM Virtual I/O Server (VIOS)	=2.2.4.21
IBM Virtual I/O Server (VIOS)	=2.2.4.22
IBM Virtual I/O Server (VIOS)	=2.2.4.23
IBM Virtual I/O Server (VIOS)	=2.2.4.30
IBM Virtual I/O Server (VIOS)	=2.2.5.0
IBM Virtual I/O Server (VIOS)	=2.2.5.10

Remedy

http://aix.software.ibm.com/aix/efixes/security/lquerylv_advisory.asc

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6079?
CVE-2016-6079 has a high severity rating due to the potential for local users to gain root privileges.
How do I fix CVE-2016-6079?
To resolve CVE-2016-6079, apply the latest security updates and patches provided by IBM for affected AIX and VIOS versions.
Who is affected by CVE-2016-6079?
CVE-2016-6079 impacts users of IBM AIX versions 5.3, 6.1, 7.1, and 7.2, as well as certain versions of IBM VIOS.
What type of vulnerability is CVE-2016-6079?
CVE-2016-6079 is an unspecified local privilege escalation vulnerability.
Is there a workaround for CVE-2016-6079?
There are no recommended workarounds for CVE-2016-6079; updating to the fixed version is necessary.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/severity
agent/last-modified-date
agent/remedy
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm aix
version/ibm aix/5.3
version/ibm aix/6.1
version/ibm aix/7.1
version/ibm aix/7.2
canonical/ibm virtual i/o server (vios)
version/ibm virtual i/o server (vios)/2.2.0.0
version/ibm virtual i/o server (vios)/2.2.0.10
version/ibm virtual i/o server (vios)/2.2.0.11
version/ibm virtual i/o server (vios)/2.2.0.12
version/ibm virtual i/o server (vios)/2.2.0.13
version/ibm virtual i/o server (vios)/2.2.1.0
version/ibm virtual i/o server (vios)/2.2.1.1
version/ibm virtual i/o server (vios)/2.2.1.3
version/ibm virtual i/o server (vios)/2.2.1.4
version/ibm virtual i/o server (vios)/2.2.1.5
version/ibm virtual i/o server (vios)/2.2.1.6
version/ibm virtual i/o server (vios)/2.2.1.7
version/ibm virtual i/o server (vios)/2.2.1.8
version/ibm virtual i/o server (vios)/2.2.2.0
version/ibm virtual i/o server (vios)/2.2.2.1
version/ibm virtual i/o server (vios)/2.2.2.2
version/ibm virtual i/o server (vios)/2.2.2.3
version/ibm virtual i/o server (vios)/2.2.2.4
version/ibm virtual i/o server (vios)/2.2.2.6
version/ibm virtual i/o server (vios)/2.2.2.70
version/ibm virtual i/o server (vios)/2.2.3.0
version/ibm virtual i/o server (vios)/2.2.3.1
version/ibm virtual i/o server (vios)/2.2.3.2
version/ibm virtual i/o server (vios)/2.2.3.3
version/ibm virtual i/o server (vios)/2.2.3.4
version/ibm virtual i/o server (vios)/2.2.3.50
version/ibm virtual i/o server (vios)/2.2.3.51
version/ibm virtual i/o server (vios)/2.2.3.52
version/ibm virtual i/o server (vios)/2.2.3.60
version/ibm virtual i/o server (vios)/2.2.3.70
version/ibm virtual i/o server (vios)/2.2.3.80
version/ibm virtual i/o server (vios)/2.2.4.0
version/ibm virtual i/o server (vios)/2.2.4.10
version/ibm virtual i/o server (vios)/2.2.4.21
version/ibm virtual i/o server (vios)/2.2.4.22
version/ibm virtual i/o server (vios)/2.2.4.23
version/ibm virtual i/o server (vios)/2.2.4.30
version/ibm virtual i/o server (vios)/2.2.5.0
version/ibm virtual i/o server (vios)/2.2.5.10