IBM Support

IT05713: TSM LINUX X86_64 CLIENT LOCAL ESCALATION OF PRIVILEGE VULNERABILITY DUE TO ARBITRARY DSO LOAD

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Local escalation of privilege vulnerability in TSM Linux x86_64
    clients due to arbitrary DSO load.
    

Local fix

  • Change the permissions on dsmtca so that only trusted users are
    permitted to execute it.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * Tivoli Storage Manager Client 6.3, 6.4, 7.1 running on Linux *
    * x86 system                                                   *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * See ERROR DESCRIPTION                                        *
    * For additional details, refer to the security bulletin       *
    * published here:                                              *
    * http://www.ibm.com/support/docview.wss?uid=swg21695715       *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * Apply fixing level when available. This problem is currently *
    * projected to be fixed in Tivoli Storage Manager Client in    *
    * levels 6.4.3 and 7.1.2. Note that this is subject to change  *
    * at the discretion of IBM.                                    *
    ****************************************************************
    

Problem conclusion

  • The arbitrary DSO load was removed.
    

Temporary fix

  • A fix for this problem is currently targeted for Tivoli Storage
    Manager Client interim fix package 6.3.2.3, 6.4.2.2 and 7.1.1.2.
    Until the interim fix is actually available, this information is
    subject to change at the discretion of IBM.
    

Comments

APAR Information

  • APAR number

    IT05713

  • Reported component name

    TSM CLIENT

  • Reported component ID

    5698ISMCL

  • Reported release

    71L

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2014-11-25

  • Closed date

    2014-12-30

  • Last modified date

    2016-08-26

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    IT05836

Modules/Macros

  • DSMTCA
    

Fix information

  • Fixed component name

    TSM CLIENT

  • Fixed component ID

    5698ISMCL

Applicable component levels

  • R63L PSY

       UP

  • R64L PSY

       UP

  • R71L PSY

       UP



Document information

More support for: Tivoli Storage Manager

Software version: 71L

Reference #: IT05713

Modified date: 26 August 2016