Privilege escalation in IBM ProtecTIER
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2016-5195 |
| CWE-ID | CWE-362 |
| Exploitation vector | Local |
| Public exploit | This vulnerability is being exploited in the wild. |
| Vulnerable software Subscribe |
ProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620 Server applications / Other server solutions ProtecTIER Gateway for System Z (PID 5639-FPA) Server applications / Other server solutions ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1 Server applications / Other server solutions ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Privilege escalation
EUVDB-ID: #VU1039
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2016-5195
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to obtain elevated privileges on the target system.
The weakness is due to race condition in the kernel memory subsystem in the management of copy-on-write operations on read-only memory mappings that lets attackers to overwrite kernel memory and gain kernel-level privileges.
Successful exploitation of the vulnerability results in gaining of root privileges on the vulnerable system.
Note: the vulnerability was being actively exploited.
Install update from vendor's website.
Vulnerable software versionsProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620: All versions
ProtecTIER Gateway for System Z (PID 5639-FPA): All versions
ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1: All versions
ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G: All versions
Fixed software versionsCPE2.3 External links
http://www.ibm.com/support/pages/node/696401
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
