26.05.2023 | Steven Michael Richardson
Lizenz: Adobe Stock / Marcom Schweiz
IBM has discovered an issue with PowerVM firmware code which affects Power9 and Power10 systems!
An internally discovered vulnerability in PowerVM on Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server. The Common Vulnerability and Exposure number is CVE-2023-30438.
The firmware is available on Fix Central and those with My Notifications subscriptions were notified as of May 17th.
More details can be found here:
PSIRT Blog/Q&A: https://www.ibm.com/support/pages/node/6987797
Security Bulletin: https://www.ibm.com/support/pages/node/6993021
Subscribe to be Product notifications: https://www.ibm.com/support/mynotifications
Fix Central for product fixes: https://www.ibm.com/support/fixcentral/
For questions please contact our TD SYNNEX IBM Hardware Team.