IBM Support

OA63225: SVC SCAN INCORRECTLY DETECTS SVC 222 IN IBM SVCS ON ACF2 SYSTEM

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • SVC scan incorrectly detects SVC 222 in IBM SVCs on ACF2 system.

This results in an audit priority of 21 being reported for SVCs
0, 92 and 114 in the AU.S SVC report.

Local fix

  • N/A

Problem summary

  • ****************************************************************
* USERS AFFECTED: Users of zSecure Audit for ACF2 exploiting   *
*                 the "Supervisor Call Audit Display" report   *
*                 (newlist type SVC).                          *
****************************************************************
* PROBLEM DESCRIPTION: zSecure Audit for ACF2 might report an  *
*                      incorrect "SVC scan hit" audit concern  *
*                      for ACF2 SVCs.                          *
****************************************************************
* RECOMMENDATION: Apply the PTF provided.                      *
****************************************************************
The "Supervisor Call Audit Display" report (newlist type SVC)
generated by zSecure Audit for ACF2 might incorrectly report the
"SVC scan hit" audit concern with priority 21 for ACF2 SVCs
invoked from some IBM supplied SVC's (like "EXCP/XDAP" (SVC 0),
"TCBEXCP" (SVC 92), and "EXCPVR" (SVC 114).

Problem conclusion

  • zSecure Audit for ACF2 has been updated so that ACF2 SVCs
invoked by IBM supplied SVCs are not flagged with the "SVC scan
hit" audit concern by the "Supervisor Call Audit Display" report
(newlist type SVC).

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    OA63225
    • 

  • Reported component name
    ZSEC BASE,ADMIN
    • 

  • Reported component ID
    5655T0100
    • 

  • Reported release
    240
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2022-05-05
    • 

  • Closed date
    2022-06-14
    • 

  • Last modified date
    2022-09-08
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
UJ08663 UJ08664
    

    • 



Modules/Macros


    

  • CKAOUSVC GKROUSVC

    



Fix information


    

  • Fixed component name
    ZSEC BASE,ADMIN
    • 

  • Fixed component ID
    5655T0100
    • 



Applicable component levels


    

  • R240  PSY  UJ08664
       UP22/06/15  P  F206
    • 

  • R250  PSY  UJ08663
       UP22/06/15  P  F206
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"240","Line of Business":{"code":"LOB24","label":"Security Software"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            08 September 2022
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback