Medium Severity

Security Bulletin: IBM has released AIX and VIOS iFixes in response to a vulnerability in IBM POWER9 (CVE-2020-4788)

Share this post:

IBM has released the following fixes for AIX and VIOS in response to CVE-2020-4788.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
AIX 7.1
AIX 7.2
VIOS 3.1

 

The vulnerabilities in the following filesets are being addressed:

Fileset  Lower Level  Upper Level 
bos.mp64  7.1.5.0  7.1.5.40 
bos.mp64  7.2.3.0  7.2.3.19 
bos.mp64  7.2.4.0  7.2.4.6 
bos.mp64  7.2.5.0  7.2.5.1

To find out whether the affected filesets are installed on your systems, refer to the lslpp command found in AIX user's guide.

Example:  lslpp -L | grep -i bos.mp64

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6370729

More stories

Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.

Feb 26, 2021 7:01 pm EST | Medium Severity

There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), Global Configuration Management (GCM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Requirements Quality Assistant On-Premises (RQA On-Prem), IBM Engineering Lifecycle Optimization - Engineering Insights (ENI), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody - Design Manager (RDM), IBM Engineering Systems Design Rhapsody - Model Manager (RMM). ...read more



Security Bulletin: IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability (CVE-2020-4590)

Feb 26, 2021 7:01 pm EST | Medium Severity

IBM Cloud Private is vulnerable to a WebSphere Application Server Liberty vulnerability ...read more