Nov 13, 2019 12:30 pm EST
Share this post:
IBM is aware of reported Intel vulnerabilities, CVE-2018-12207 and CVE-2019-11135, which are addressed by Citrix in the XSA-304 and XSA-305 security advisories. The vulnerabilities potentially could enable a denial of service attack or allow unauthorized access to recent memory content. There are no known malicious exploits of these vulnerabilities, which potentially impact the hypervisor.
IBM is implementing updates to remediate these vulnerabilities. No downtime for clients is expected, and no client action is necessary for IBM Cloud virtual servers. While we do not anticipate any issues with remediation, we always recommend that clients have a tested backup strategy.