High Severity

IBM Security Bulletin: IBM i has released PTFs in response to the vulnerabilities known as Spectre and Meltdown

Share this post:

IBM has released the following IBM i OS PTFs in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754.

This security bulletin has been updated as additional IBM i PTFs are now available to mitigate the Spectre and Meltdown vulnerabilities.

CVE(s): CVE-2017-5753, CVE-2017-5715, CVE-2017-5754

Affected Products and Versions:

PTFs are available for releases 7.1, 7.2 and 7.3 of the IBM i operating system.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=nas8N1022433

More High Severity stories

IBM Security Bulletin: IBM API Connect V5 is potentially impacted by a weak cipher (CVE-2019-4256)

May 23, 2019 9:01 am EDT | Medium Severity

API Connect has addressed the following vulnerability. CVE(s): CVE-2019-4256 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 5.0.0.0-5.0.8.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10882968X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159944 ...read more


IBM Security Bulletin: Vulnerability in Apache ActiveMQ Affects IBM Control Center (CVE-2019-0222)

May 23, 2019 9:01 am EDT | High Severity

IBM Control center is affected by a Corrupt MQTT frame that can cause broker shutdown in Apache ActiveMQ. CVE(s): CVE-2019-0222 Affected product(s) and affected version(s): IBM Control Center 6.0.0.0 through 6.0.0.2 iFix05 IBM Control Center 6.1.0.0 through 6.1.2.0 iFix01 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10881171X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158686 ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MQ and IBM MQ Appliance

May 23, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6, 7 and 8 used by IBM MQ and IBM MQ Appliance. IBM MQ and IBM Appliance have addressed the applicable CVEs. CVE(s): CVE-2019-2449, CVE-2019-2422, CVE-2018-12549 Affected product(s) and affected version(s): IBM MQ and IBM MQ Appliance 9.1 Long Term Support (LTS) Maintenance levels 9.1.0.1 ...read more