Home

Description

IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables.

PUBLISHED Reserved 2025-04-15 | Published 2025-09-16 | Updated 2025-09-22 | Assigner ibm




HIGH: 7.4CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-454 External Initialization of Trusted Variables or Data Stores

Product status

Default status
unaffected

7.2
affected

7.3
affected

Default status
unaffected

3.1
affected

4.1
affected

References

www.ibm.com/support/pages/node/7245092 vendor-advisory patch

cve.org (CVE-2025-36244)

nvd.nist.gov (CVE-2025-36244)

Download JSON