Security Bulletin: This Power System update is being released to address CVE-2018-5391

Summary POWER9: In response to a denial of service vulnerability, a new Power Systems firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2018-5391. A remote attacker could use large IP frames to trigger time and calculation expensive calls in the...

CVE-2018-1992

The IBM POWER9 boot firmware bootloader contains a buffer overflow in the initial boot image load path that could overwrite its own instruction memory and bypass secure boot protections, allowing trojan installation. Affected products/versions include FW910 boot firmware and OP910/OP920 OpenPOWER...