IBM Support

QRadar M6 xSeries firmware V3.1.0 for 1U and 2U appliances (USB On-prem installations)

Release Notes


This firmware update (v3.1.0) provided by IBM is intended for xSeries firmware updates on your IBM® Security QRadar® M6 appliances. This update is intended for M6 1U and 2U form factor QRadar appliances where administrators want to update appliances using a bootable USB drive to complete an on-premise firmware update.


Important: Select a tab to read each step of the firmware procedure.

Part 1: About the M6 firmware V3.1.0 update

Creating your USB flash drive for the firmware update requires a Windows™ host and the administrator must be on-site with the appliance. The firmware update can take up to 60 minutes complete per appliance and the administrator is required to reboot the appliance after the firmware install completes. The firmware upgrade procedures should only be done during a change window or during maintenance time for your QRadar appliances. If your Data Center does not allow USB keys, instructions and a download are available for administrators who have configured the XClarity interface on the Lenovo appliance. For information on how to install the ISO with your XClarity interface, see:

Supported appliances, types, and model information

This firmware update applies to the following IBM Security QRadar M6 (1U and 2U form factor) appliance types:
Hardware Details
Appliance and Machine type models (MTM)
IBM QRadar Network Insights Appliance 1901 G2 (4563-F8Y)
IBM QRadar Network Insights Appliance 1910 G2 (4563-F7Y)
IBM QRadar Network Insights Appliance 1920 G2 (4563-F5F)
IBM QRadar Core Appliance XX29 G2 (4563-Q4A)
IBM QRadar Core Appliance XX48 G2 (4563-Q5B)
IBM QRadar Core Appliance XX05 G4 (4563-Q3E)
IBM QRadar Incident Forensics Appliance G4 (4563-F3A)
IBM QRadar Event/QFlow Collector Appliance 1501/1201 G4 (4563-Q5D)
IBM QRadar Network Packet Capture Appliance G2 (4563-F3C)
Server Type M6
Server Machine Type SR630 / M6 1U
SR650 / M6 2U
Table 1: List of QRadar appliances the M6 firmware 3.1.0 can update.

Important file changes and prerequisites in this firmware update

Administrators must ensure that their M6 appliance includes the minimum version outlined in the Prerequisite version column. If your M6 appliance does not meet the prerequisite versions outlined in the table, the administrator must contact IBM QRadar Support to discuss a custom upgrade path for your M6 appliance.
Component Prerequisite version Firmware version in this update File name 
UEFI/BIOS  ive126o-1.41 or later ive164l-2.80 lnvgy_fw_uefi_ive164l-2.80_anyos_32-64.uxz
XCC None cdo364m-5.40 oem_fw_xcc_cdo364m-5.40_anyos_noarch.uxz
LXPM None pdl128k-2.00 lnvgy_fw_lxpm_pdl128k-2.00_anyos_noarch.uxz
RAID Controller None 530-51.13.0-3427-0
PCi and LOM adapters None 7.21-4.11-1.2585.0 intc-lnvgy_fw_nic_net-7.21-4.11-1.2585.0-all-04_linux_x86-64.bin
Emulex None elx-lnvgy_fw_fc_lp.3x-
Table 2: Firmware versions and any prerequisite for each component are provided in this table.

  • A number of hard disk drives can be installed in this appliance. The HDD update tool examines the hard disk drives that are present and selects the latest firmware version that is available for your drive.
  • The base system pack might contain other firmware packages that are not present in QRadar appliances. Firmware updates from the base system pack can be listed when the tool compares available firmware to the hardware in the appliance and display a status of "undetected".
  • For firmware questions and information see:

Security issues resolved in this firmware update

The table below lists the software versions contained within the firmware package and the applicable CVEs addressed in this firmware release.

Component File name  CVEs resolved in this package
UEFI/BIOS lnvgy_fw_uefi_ive164l-2.80_anyos_32-64.uxz CVE-2020-8696, CVE-2020-8755, CVE-2020-8705, CVE-2020-0587, CVE-2020-0591, CVE-2020-0592, and

Issues resolved:
  • Updated some setup menu help text and translations.
  • Fixed DIMM Number is incorrect in Hiddenlog when page retire occurred
  • Fixed PFA cannot be counnted correctly.
  • Fixed LXCA cannot deploy language slection (HT510862).
  • Correct SMBIOS type 3 Security State.
  • Changed default UEFI setting for Adaptive Double Device Data Correction (ADDDC) from enabled to disabled to address an issue with memory error correction under specific workloads while in virtual lockstep (VLS) HT510558. For more details see Intel sighting “SKX115 - Memory Errors in a VLS Region on a Certain Device May Not Be Properly Corrected”.
  • Fixed LXCA pattern fails to apply WWPN address to port 2 Emulex Lpm16002B- LFC HBA on SN550/SN850 (HT511227).
XCC oem_fw_xcc_cdo364m-5.40_anyos_noarch.uxz CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2016-6153, CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738, CVE-2017-5130, CVE-2017-6451, CVE-2017-6452, CVE-2017-6455, CVE-2017-6458, CVE-2017-6459, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464, CVE-2017-7407, CVE-2017-8816, CVE-2017-8817, CVE-2017-10989, CVE-2017-12799, CVE-2017-12967, CVE-2017-13710, CVE-2017-14129, CVE-2017-14130, CVE-2017-14333, CVE-2017-14529, CVE-2017-14930, CVE-2017-14932, CVE-2017-14933, CVE-2017-14934, CVE-2017-14938, CVE-2017-14939, CVE-2017-14940, CVE-2017-14974, CVE-2017-15020, CVE-2017-15021, CVE-2017-15022, CVE-2017-15023, CVE-2017-15024, CVE-2017-15025, CVE-2017-15225, CVE-2017-15938, CVE-2017-15939, CVE-2017-15996, CVE-2017-16544, CVE-2017-16931, CVE-2017-16932, CVE-2017-17484, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000254, CVE-2017-1000257, CVE-2017-1000494, CVE-2018-6872, CVE-2018-1000005, CVE-2018-1000007, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
LXPM lnvgy_fw_lxpm_pdl128k-2.00_anyos_noarch.uxz

  • Automatic installation of SLES15.2, RHEL8.2 and VM7.0(base on operating system compatibility scope with Lenovo servers).
  • Advanced Memory Test.
Issues resolved:
  • Cannot create RAID1 array on m.2 drives in Lenovo XClarity Provisioning Manager (LXPM).
  • RAID array quantity is incorrect in lxpm when over ten arrays are created.
  • LXPM lite raid setup will not allow the creation of a raid 10 virtual drive with six (6) disk drives. The simple configuration still require disk numbers be multiple of 4.
RAID Controller lnvgy_fw_raid_mr3.5.530-51.13.0-3427-0_linux_x86-64.bin
PCi and LOM adapters intc-lnvgy_fw_nic_net-7.21-4.11-1.2585.0-all-04_linux_x86-64.bin None
Emulex elx-lnvgy_fw_fc_lp.3x- None
Table 3: Security issues resolved in the M6 firmware update V3.1.0.

Part 2: Requirements to create a bootable USB drive

To create a bootable USB key, you must have access to the following items:
  • An 8 GB or larger USB flash drive.
  • Entitlement for IBM Fix Central is required download firmware for QRadar appliances.
  • A workstation or laptop running one the following operating systems:
    • Windows™ 10
    • Windows™ 7
    • Windows™ Server 2008R2
    • Windows™ Server 20016
      NOTE: Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.

Creating the bootable USB drive

  1. Download the M6 V3.1.0 firmware IMG file from IBM Fix Central.
    Note: Administrators can select either download link as the firmware download is identical for all QRadar software versions.  
  2. Download the Rufus Bootable USB Tool.
  3. Insert the USB flash drive into a USB port on your Windows™ laptop or workstation.
  4. Open Rufus and configure the properties.
    Parameter Value
    Device Select your USB drive
    Boot Selection Select Qradar_IMG_M6_1U_SR630_7X02_2U_SR650_7X06_3_1_0.img
    Partition scheme MBR (Default)
    Target system BIOS (or UEFI-CSM) (Default)
    File system FAT32 (Default)
    Cluster size
    This value defaults to the best option based on size of the USB drive.

    For example:
    image 8606
  5. Click Start. The image is loaded on the USB drive.
    image 8607
  6. After the installation finishes, safely eject the USB flash drive from your computer.

    The bootable drive is ready to be used to install firmware on the M6 appliance.

Part 3. Installing the Firmware on the QRadar M6 appliance

The instructions below are intended for M6 appliances that are not configured as HA (high-availability) pairs. If your appliance is in a HA pair, you must use the High-Availability update instructions found here: .

Booting from the USB Drive

  1. Insert the USB drive that has the bootable image into the QRadar appliance.
    IMPORTANT: Do not remove the USB flash drive until the IBM ToolsCenter completes the firmware installation.
  2. From the terminal or the KVM switch for the appliance, log in with root user credentials.
  3. From the command prompt, type: reboot
  4. As the appliance reboots, press F12.
  5. From the Boot Devices Manager, verify the Legacy Mode check box is clear (NOT selected).
  6. Locate your USB drive in the Boot Devices Menu and press Enter.
  7. In the Update Settings menu, verify all check boxes are clear (not selected) and click Next.
  8. In the Update Comparison menu, click Begin.
  9. The IBM UpdateXpress System Pack Installer compares the current package with the installed firmware.
  10. Verify all check boxes are selected where new firmware versions are available and click Next.
    IMPORTANT: Administrators must review the New Version column and confirm the firmware update is selected (checked). Issues have been reported previously where not all firmware changes were installed and administrators were required to run a firmware update two times to install updates.

  11. Wait for the firmware updates to load.
  12. Click Begin Update to install the firmware.

    NOTE: Administrators might be prompted with a confirmation dialogue and need to click Next to continue.
  13. Verify that all updates complete successfully and click Next.
  14. If you experienced any errors, click Save Log or click Finish to exit after a successful installation.
  15. The appliance must reboot to complete the firmware installation.

    The appliance reboots and is available for use in the QRadar deployment. If you experience any installation issues, you can contact QRadar Support for assistance and open a software support case for your appliance. The support representative can request the firmware logs for review to determine the root cause of the issue or if replacement hardware is required. If the issue is hardware related, the support representative can change the case type and involve the proper teams to schedule replacement parts.  

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU008","label":"Security"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtcAAA","label":"Hardware"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Version(s)"}]

Document Information

Modified date:
01 April 2021