IT17299: A VULNERABILITY IN THE BUSYBOX COMPONENT OF IBM DATAPOWER RUNNING IN A DOCKER CONTAINER
A fix is available
Closed as program error.
Possible execution of arbitrary code caused by integer overflow in decompression function (Docker image only). (CVE-2014-4607)
A possible overflow in a decompression function could allow for the execution of arbitrary code or cause a denial of service as reported in CVE-2014-4607. This is limited to DataPower running within a Docker container.
Fix is available in 22.214.171.124 For a list of the latest fix packs available, please see: http://www-01.ibm.com/support/docview.wss?uid=swg21237631
Reported component name
Reported component ID
NoSpecatt / Xsystem
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
Fixed component ID
Applicable component levels