High Severity

Security Bulletin: Vulnerabilities in the AIX kernel (CVE-2021-29727, CVE-2021-29801, CVE-2021-29862)

Share this post:

There are multiple vulnerabilities in the AIX kernel.

CVE(s): CVE-2021-29862, CVE-2021-29727, CVE-2021-29801

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
AIX 7.1
AIX 7.2
VIOS 3.1

The vulnerabilities in the following filesets are being addressed:

Fileset Lower Level Upper Level
bos.mp64 7.1.5.0 7.1.5.40
bos.mp64 7.2.3.0 7.2.3.21
bos.mp64 7.2.4.0 7.2.4.8
bos.mp64 7.2.5.0 7.2.5.3

To find out whether the affected filesets are installed on your systems, refer to the lslpp command found in AIX user's guide.

Example:  lslpp -L | grep -i bos.mp64

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6483875
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/206086
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/201106
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/203977

More stories

Security Bulletin: A vulnerability in Spring Framework affects IBM Watson Machine Learning Accelerator

Oct 15, 2021 8:01 pm EDT | High Severity

A vulnerability exists in Spring Framework version used by IBM Watson Machine Learning Accelerator. Spring framework upgrade to version 5.2.15 which resolves these vulnerabilities, is available on IBM Fix Central. ...read more


Security Bulletin: IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities

Oct 15, 2021 8:00 pm EDT | High Severity

IBM Cloud Pak for Integration is vulnerable to multiple Node.js vulnerabilities with details below ...read more


Security Bulletin: IBM Cloud Pak for Integration is vulnerable to multiple Go vulnerabilities

Oct 15, 2021 8:00 pm EDT | High Severity

IBM Cloud Pak for Integration is vulnerable to multiple Go vulnerabilities with details of each below ...read more