Update: Malicious code vulnerability threatens IBM Data Replication VSAM
Attackers can attack IBM Data Replication VSAM for z/OS Remote Source. The gap has now been closed.
(Image: AFANASEV IVAN/Shutterstock.com)
Under certain conditions, attacks on IBM Data Replication VSAM for z/OS Remote Source are possible. In the worst case, malicious code can compromise systems. A security update provides a remedy.
IBM Data Replication VSAM for z/OS Remote Source is primarily responsible for synchronizing changes between databases.
As the developers describe in a warning message, local attackers can trigger memory errors due to inadequate checks to execute malicious code on systems. All versions are said to be at risk. The developers assure that they have closed the vulnerability (CVE-2025-36156 “high”) in the APAR PH67757 release (v11.4.0.22 for VSAM Remote source x86 container on fix central and VSAM_Remote_Source_114_Linux_x86.tar).
Videos by heise
So far, there have been no reports of attacks. It also remains unclear how admins can recognize systems that have already been attacked.
IBM developers only recently closed gaps in Security Verify Access and AIX/VIOS.
(des)
