The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.
IBM
Privilege Escalation
Vios
Aix
NVD
CVSS 2.0
7.2
EPSS
0.1%