IBM Support

IBM Lotus Domino tunekrnl overflow vulnerabilities

Technote (FAQ)


iDEFENSE contacted IBM® Lotus® to report two potential overflow vulnerabilities in the tunekrnl file used by IBM Lotus Domino® on Linux® operating systems.

This issue is specific to Domino on Linux operating systems. Domino 6.x and Domino 7.0.x on Linux on zSeries® and Domino 7.0.x on x86 are affected by these issues. If successfully exploited, these vulnerabilities would allow a local attacker to elevate their privileges to root.

The iDEFENSE advisory can be accessed at the following link:


This issue was reported to Quality Engineering as SPR# KEMG6SRKEM and has been fixed in Domino 6.5.5 Fix Pack 2 (FP2) and Domino 7.0.2.

To work around this issue in previous affected releases, the tunekrnl binary file can be renamed or deleted, or its set-user-id bit can be removed. Any of these changes prevents exploitation of the vulnerability, but also causes the loss of some tuneable setting changes that affect the performance of Domino.
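One way to audit a server for this workaround and apply the set-user-id variant of it, as an added example that is not part of the IBM technote. The function names are hypothetical, and the Domino program directory is an assumption you must supply, since the technote does not state where tunekrnl is installed.

```shell
#!/bin/sh
# Added example (not IBM code): find set-user-id copies of tunekrnl and,
# on request, clear the bit as described in the workaround above.
# Assumption: the caller passes the Domino program directory; the technote
# does not give the install path.

# Print every regular file named tunekrnl under $1 that has the set-user-id bit.
tunekrnl_setuid_files() {
    find "$1" -type f -name tunekrnl -perm -4000 2>/dev/null
}

# Usage: tunekrnl_audit <domino-program-dir> [--fix]
# Without --fix the function only reports. With --fix it clears the
# set-user-id bit and leaves all other permission bits untouched.
# Returns 0 if no set-user-id copy remains, 1 if one does, 2 on bad input.
tunekrnl_audit() {
    root=$1
    fix=${2:-}
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    tunekrnl_setuid_files "$root" | while IFS= read -r f; do
        # Numeric owner and mode, so the pre-change state is on record.
        echo "set-user-id present: $(ls -ln "$f")"
        if [ "$fix" = "--fix" ]; then
            chmod u-s "$f" && echo "cleared set-user-id bit: $f"
        fi
    done

    # Re-scan instead of trusting the loop: a failed chmod must be reported.
    [ -z "$(tunekrnl_setuid_files "$root")" ]
}

# Run directly, for example: sh tunekrnl_audit.sh /path/to/domino --fix
if [ "$#" -gt 0 ]; then
    tunekrnl_audit "$@"
fi
```

Run it first without `--fix` to see what would change. The non-zero exit status while a set-user-id copy remains makes it usable as a compliance check on hosts that cannot yet move to a fixed release.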

Additional Information:
Attack vector: Local system
Impact: Privilege escalation
Mitigating factors:

  1. File can be removed as a workaround
  2. Requires local system access to exploit

Document information

More support for: IBM Domino

Software version: 6.0, 6.5, 7.0

Operating system(s): Linux

Reference #: 1249173

Modified date: 07 November 2006