High Severity

IBM Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM

Share this post:

PowerKVM is affected by vulnerabilities in the Linux kernel . IBM has now addressed these vulnerabilities.

CVE(s): CVE-2018-10675, CVE-2018-7566, CVE-2017-13215

Affected product(s) and affected version(s):

PowerKVM 3.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10870832
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142895
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141112
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137560

More stories

IBM Security Bulletin: Potential denial of service in Liberty for Java for IBM Cloud (CVE-2018-10237)

Mar 22, 2019 10:00 am EDT | High Severity

There is a potential denial of service with the Google Guava library that is used in Liberty for Java. CVE(s): CVE-2018-10237 Affected product(s) and affected version(s):This vulnerability affects all versions of Liberty for Java in IBM Cloud up to and including v3.27. Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: ...read more


IBM Security Bulletin: API Connect V2018 is impacted by information leak (CVE-2019-4052)

Mar 21, 2019 10:01 am EDT | High Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2019-4052 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 2018.1-2018.4.1.2 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10874248X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156544 ...read more


IBM Security Bulletin: Cloudant Local Apache CouchDB CVE-2018-17188: Remote Privilege Escalations

Mar 20, 2019 10:02 am EDT | High Severity

Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full system entry for unauthenticated users. CVE(s): CVE-2018-17188 Affected product(s) and affected version(s):All ...read more