IBM Support

AIX/VIOS is not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278)

Flashes (Alerts)


Abstract

AIX/VIOS is not vulnerable to the Bash vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and the two memory corruption vulnerabilities.

Content

AIX/VIOS in all editions and all platforms is NOT vulnerable to the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278).

Note: AIX Toolbox for Linux Applications is affected. Please see the following link for more information.
http://www.ibm.com/support/docview.wss?uid=isg3T1021272


IBM recommends that you review your entire environment to identify vulnerable releases of Bash including your Operating Systems and take appropriate mitigation and remediation actions. Please contact your Operating System provider for more information.

Change History: 30 September 2014: original document published

[{"Product":{"code":"SS2HWD","label":"IBM Power Systems Enterprise Cloud Edition with AIX 7.2"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"}],"Version":"5.3;6.1;7.1","Edition":"","Line of Business":{"code":"LOB57","label":"Power"}}]

Document Information

Modified date:
21 October 2021

UID

isg3T1021284