CVE-2013-4011

Name of the Vulnerable Software and Affected Versions IBM AIX versions 6.1 and 7.1 VIOS version 2.2.2.2-FP-26 SP-02

Description The issue involves multiple unspecified vulnerabilities in the InfiniBand subsystem, allowing local users to gain privileges. The vulnerabilities can be exploited through vectors involving arp.ib or ibstat.

Recommendations For IBM AIX versions 6.1 and 7.1, restrict access to the InfiniBand subsystem until a fix is available. For VIOS version 2.2.2.2-FP-26 SP-02, consider disabling the arp.ib and ibstat functions as a temporary workaround to minimize the risk of exploitation.