CVE-2024-27273

Summary

IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903.

Affected Software

VendorProductVersion RangeStatus
IBMAIX7.2, 7.3, VIOS 3.1, VIOS 4.1affected

Weaknesses

  • CWE-266: CWE-266 Incorrect Privilege Assignment

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References