Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-27273

IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903.

Published

2024-05-07T21:15:09.060

Last Modified

2025-08-18T15:19:57.093

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Secondary
CWE-266
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	vios	3.1	Yes
Application	ibm	vios	4.1	Yes
Operating System	ibm	aix	7.2	Yes
Operating System	ibm	aix	7.3	Yes

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/284903 Vendor Advisory ([email protected])
https://www.ibm.com/support/pages/node/7150297 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/284903 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/pages/node/7150297 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)