Primary

Context

IBM i File-Level Local Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in IBM i versions 7.2, 7.3, 7.4, and 7.5. This vulnerability arises from an inadequate authority requirement, allowing a local non-privileged user to create a referential constraint using the privileges of another user who has been socially engineered to access the targeted file.

Impact

Exploitation of this vulnerability leads to a local denial-of-service condition, causing disruption at the file level.

Remediation

Users can apply a PTF to address this vulnerability. The specific PTF numbers for each affected IBM i release are as follows: 7.5 (SJ03022), 7.4 (SJ02988), 7.3 (SJ03130), and 7.2 (SJ03131).

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

3.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

3.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM i File-Level Local Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM i

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating