CVE-2014-3074

Name of the Vulnerable Software and Affected Versions IBM AIX versions 6.1 through 7.1 VIOS versions 2.2.x

Description The issue allows local users to create a mode-666 root-owned file and gain privileges by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program. Additionally, in AIX 6.1 and above, a local user can exploit this error using the LIB INIT DBG and LIB INIT DBG FILE environment variables. This can lead to privilege escalation via arbitrary file writes with elevated privileges programs.

Recommendations For IBM AIX versions 6.1 through 7.1, consider disabling the setuid programs that can be exploited with crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values until a patch is available. For VIOS versions 2.2.x, restrict access to the runtime linker to minimize the risk of exploitation. As a temporary workaround, consider restricting the use of the LIB INIT DBG and LIB INIT DBG FILE environment variables in AIX 6.1 and above until the issue is resolved.