IBM Lotus Domino tunekrnl overflow vulnerabilities
iDEFENSE contacted IBM® Lotus® to report two potential overflow vulnerabilities in the tunekrnl file used by IBM Lotus Domino® on Linux® operating systems.
This issue is specific to Domino on Linux operating systems. Domino 6.x and Domino 7.0.x on Linux on zSeries® and Domino 7.0.x on x86 are affected by these issues. If successfully exploited, this vulnerability would allow a local attacker to elevate their privileges to root.
The iDEFENSE advisory can be accessed at the following link:
This issue was reported to Quality Engineering as SPR# KEMG6SRKEM and has been fixed in Domino 6.5.5 Fix Pack 2 (FP2) and Domino 7.0.2.
To work around this issue in previous affected releases, the tunekrnl binary file can be renamed or deleted or the set-user-id bit can be removed. This will prevent exploitation of the vulnerability, but it will also cause the loss of some tuneable setting changes which affect the performance of Domino.
Attack vector: Local system
Impact: Privilege escalation
- File can be removed as a workaround
- Requires local system access to exploit