10 matches found
Security Bulletin: Vulnerabiliies in glibc affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in glibc. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-11237 DESCRIPTION: GNU glibc is vulnerable to a buffer overflow, caused by improper bounds of checking by the mempcpyavx512novzeroupper function. By executi...
Security Bulletin: PowerKVM has released fixes in response to the vulnerabilities known as Foreshadow
Summary PowerKVM is affected by vulnerabilities in the Linux kernel. IBM has now addressed these vulnerabilities. Note that, although the CVE descriptions do not reference POWER, POWER CPUs are afftected. Vulnerability Details CVEID: CVE-2018-3620 DESCRIPTION: Multiple Intel CPU''s could allow a...
Security Bulletin: A vulnerability in NSS affects PowerKVM
Summary PowerKVM is affected by a vulnerability in Network Security Services NSS. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-7502 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, is vulnerable to a denial of service, caused by a...
Security Bulletin: A vulnerability in rpcbind affects PowerKVM
Summary PowerKVM is affected by a vulnerability in rpcbind. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-8779 DESCRIPTION: rpcbind, LIBTIRPC, and NTIRPC are vulnerable to a denial of service, caused by improper validation of XDR strings in memory allocation. By...
Security Bulletin: A vulnerability in NSS affects PowerKVM
Summary PowerKVM is affected by a vulnerability in Mozilla Network Security Services NSS. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-5461 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an...
Security Bulletin: Vulnerabilities in postgresql affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in postgresql. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-5423 DESCRIPTION: PostgreSQL is vulnerable to a denial of service. By sending specially crafted SQL statements containing CASE/WHEN commands, a remote...
Security Bulletin: A vulnerability in nettle affects PowerKVM
Summary PowerKVM is affected by a vulnerability in nettle. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-6489 DESCRIPTION: Nettle could allow a remote attacker to obtain sensitive information, caused by a cache-related side channel attack in the RSA and DSA...
Security Bulletin: Vulnerability in netcf affects PowerKVM (CVE-2014-8119)
Summary PowerKVM is affected by a vulnerability in netcf. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2014-8119 DESCRIPTION: The netcfg package in Linux is vulnerable to a denial of service, caused by the improper processing of XPath expressions by the findifcfgpath function...
Security Bulletin: Vulnerability in Linux Kernel affects PowerKVM (CVE-2016-0728)
Summary A Linux Kernel privilege escalation vulnerability affects PowerKVM. Vulnerability Details CVEID: CVE-2016-0728 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in the joinsessionkeyring function in...
Security Bulletin: Vulnerability in rpcbind affects PowerKVM (CVE-2015-7236)
Summary A denial of service vulnerability in rpcbind CVE-2015-7236 affects PowerKVM. Vulnerability Details CVEID: CVE-2015-7236 DESCRIPTION: rpcbind is vulnerable to a denial of service, caused by a use-after-free in PMAPCALLIT. By sending specially crafted packets, a remote attacker could exploi...