
IBM Lotus Domino tunekrnl overflow vulnerabilities

 Technote (FAQ)
 
Question
iDEFENSE contacted IBM® Lotus® to report two potential overflow vulnerabilities in the tunekrnl file used by IBM Lotus Domino® on Linux® operating systems.

This issue is specific to Domino on Linux operating systems. Domino 6.x and Domino 7.0.x on Linux on zSeries® and Domino 7.0.x on x86 are affected by these issues. If successfully exploited, this vulnerability would allow a local attacker to elevate their privileges to root.

The iDEFENSE advisory can be accessed at the following link:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=440

 
Answer
This issue was reported to Quality Engineering as SPR# KEMG6SRKEM and has been fixed in Domino 6.5.5 Fix Pack 2 (FP2) and Domino 7.0.2.
To work around this issue in previous affected releases, the tunekrnl binary file can be renamed or deleted, or its set-user-id bit can be removed. Any of these prevents exploitation of the vulnerability, but also causes the loss of some tuneable setting changes that affect the performance of Domino.
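
The set-user-id workaround above, as an added example that is not IBM's own code: a POSIX shell script that finds any tunekrnl binary that still has the setuid bit, removes the bit and confirms it is gone. The install root is passed as an argument because this technote does not give the path; the function names and the audit/fix arguments are illustrative.

```shell
#!/bin/sh
# Added example: audit and apply the set-user-id workaround for tunekrnl.
# Assumption: the Domino install root is supplied by the administrator;
# no path is hard-coded because the technote does not state one.

# Print every regular file named tunekrnl under $1 that has the setuid bit.
find_setuid_tunekrnl() {
    find "$1" -type f -name tunekrnl -perm -4000 -print 2>/dev/null
}

# Remove the setuid bit from each match, then re-check.
# Returns 0 if no setuid tunekrnl remains under $1, non-zero otherwise.
strip_setuid_tunekrnl() {
    root=$1
    find_setuid_tunekrnl "$root" | while IFS= read -r f; do
        ls -l "$f"                       # record owner and mode before the change
        chmod u-s "$f" && echo "setuid removed: $f"
    done
    [ -z "$(find_setuid_tunekrnl "$root")" ]
}

# Usage: sh tunekrnl_workaround.sh audit|fix <domino-install-root>
case "${1:-}" in
    audit) find_setuid_tunekrnl "$2" ;;
    fix)   strip_setuid_tunekrnl "$2" ;;
esac
```

Run the audit first and keep its output; reinstalling or patching to an unfixed release can restore the binary with its original mode, so repeat the audit after such changes.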

Additional Information:
Attack vector: Local system
Impact: Privilege escalation
Mitigating factors:
  1. File can be removed as a workaround
  2. Requires local system access to exploit
 
 
 

Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Document information
 Product categories:
 Software
 Messaging Applications
 Advanced Messaging
 Lotus Domino
 Lotus Domino Server
 Operating system(s):
  Linux, Linux zSeries
 Software version:
  6.0, 6.5, 7.0
 Reference #:
  1249173
 IBM Group:
 Software Group
 Modified date:
 2006-11-07
