CVE-2008-0586

Name of the Vulnerable Software and Affected Versions IBM AIX versions 5.2 through 5.3

Description The issue concerns buffer overflows that allow local users to gain privileges. This is related to several programs, including lchangevg, ldeletepv, putlvodm, lvaryoffvg, lvgenminor in bos.rte.lvm, and tellclvmd in bos.clvm.enh.

Recommendations For IBM AIX versions 5.2 and 5.3, consider restricting access to the vulnerable programs until a patch is available. As a temporary workaround, consider disabling the execution of lchangevg, ldeletepv, putlvodm, lvaryoffvg, lvgenminor, and tellclvmd programs to minimize the risk of exploitation. Avoid using the vulnerable functions related to these programs in bos.rte.lvm and bos.clvm.enh until the issue is resolved.