Notification
Risk classification
Red Alert
Affected Domain
Affected Systems
NVME hard drive(s) shipped in systems between June 2021 and July 2023.
NVME hard drive(s) shipped in systems between June 2021 and July 2023.
Affected Product(s)
AIX
AIX
Abstract
A limited number of IBM Power Systems drives were inadvertently shipped with an IBM internal test image present on the disk. This test image (AIX) is not intended for use outside IBM and is not shipped in a secure state for external use. IBM has developed a mitigation plan for users who may inadvertently be running these images. If you have implemented your own fresh install of AIX or restored your own distribution of AIX, you are not exposed. IBM recommends you verify your instance(s) of AIX are not exposed by reviewing this notice and performing the recommended verification and remediation.
Recommended Action
IBM strongly recommends addressing the potential vulnerability now.
To determine if your current AIX contains the exposure, a system administrator should run the following AIX command:
lslpp -l htx
lslpp -l htx
if HTX is NOT found (no exposure) the command output should contain “htx not installed” as in the example below:
lslpp: 0504-132 Fileset htx not installed.
If the system is exposed, the command output will contain “COMMITTED Hardware Test Executive” as seen in the example below:
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
htx 7.3.1.166 COMMITTED Hardware Test Executive
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
htx 7.3.1.166 COMMITTED Hardware Test Executive
To remove HTX issue the following command:
installp -u htx
Monitor for the following confirmation for the output to indicate “DEINSTALL SUCCESS” as shown in the following example output:
htx 7.3.1.170 USR DEINSTALL SUCCESS
After the removal of the lpp, a reboot of the OS is needed to complete the removal, however the exposure has been mitigated and the OS reboot can be scheduled later.
*Note this method/mitigation only cleans up a boot drive that is in use. If other drives in the system have not been utilized or allocated, you need to ensure the installed AIX is removed on that drive before any use. This exposure is only active when you boot and run IBM’s AIX that was inadvertently shipped in a system and has not had the mitigation performed. It is possible more than one drive in your system was shipped with AIX and HTX installed.
Please contact your local IBM AIX support center for any assistance.
Date first published
20 September 2023
[{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"TI000B3","label":"Power System S924 Server (9009-42G)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSMI4EA","label":"IBM Power E1050 (9043-MRX)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"TI000B2","label":"IBM Power System S914 (9009-41G)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"TI000B1","label":"Power System S922 Server (9009-22G)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SST50ER","label":"IBM Power S1022s (9105-22B)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"TI000B5","label":"Power System H924 Server (9223-42S)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSE1FSG","label":"IBM Power S1022 (9105-22A)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSZ0S2","label":"IBM Power S1014 (9105-41B)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSBPSUB","label":"IBM Power S1024 (9105-42A)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"TI0005E","label":"Power System S914 Server (9009-41A)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"TI000BK","label":"Power System E1080 Server (9080-HEX)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"TI0007I","label":"Power System E980 Server (9080-M9S)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"},{"Risk Classification":"Red Alert","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"TI0007E","label":"Power System E950 Server (9040-MR9)"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
20 September 2023
UID
ibm17033991