We would like to inform all our customers (and readers) that a bug has been identified in PowerVM that could lead to a security problem in Power9 and Power10 systems. The main risk is that a malicious actor with user privileges in a logical partition can compromise the isolation between logical partitions without being detected. This could result in data loss or unauthorized code execution on other logical partitions (LPARs) on the same physical server. Technical details can be found at https://www.ibm.com/support/pages/node/6993021
No. Only some IBM Power9 or Power10 models are at risk and always depending on their FW versions. Servers prior to Power9 and those running OP9xx firmware are not exposed to this vulnerability. There is no evidence that this vulnerability has been exploited to gain unauthorized access on any IBM client but it is always better to be safe than sorry :)
The vulnerability was identified by IBM internally. A solution has already been created and thoroughly tested and was launched on May 17 at Fix Central.
Customers should follow the instructions in Fix Central to download and install the updated firmware.
The main concern is the possibility of data leakage or unauthorized code running on other logical partitions of the same physical server. We have found no evidence that this vulnerability has been exploited to gain unauthorized access.
IBM cannot specify which client environments might be most at risk since access to partitions is controlled by the client. However, any environment in which privileged user access has been granted to one or more partitions should be considered potentially vulnerable. In other words, environments with a high density of LPARs, where production and test systems are mixed, are more likely to suffer from this vulnerability.
The firmware containing the fix can be installed concurrently and will fix this vulnerability on all systems with the exception of a Power10 system running firmware prior to FW1010.10. In this case, the solution must be applied in a disruptive manner, requiring the server to be shut down to install the update and eliminate the vulnerability.
Any IBM Power9 or Power10 server mentioned in the security bulletin that has multiple partitions could be affected. It does not matter how these partitions were created or managed.
The vulnerability also affected the Power Systems Virtual Server offering on IBM Cloud (Power VS), but the patch has already been applied to remediate it.
Contact us and find out about our preventive maintenance service and 24/7 support.
Did you know that many AIX systems are "working fine" until they suddenly... stop working?😱…
The evolution of IBM's Power architecture has been the subject of intense debate in the…
Did you know that while you have opened the browser to read this... your computer…
Why not emulate other architectures on Power? In a recent conversation with what I like…
High availability and business continuity are crucial to keep applications and services always operational. High…
In this fast-changing and complex technological era, choosing the right suppliers is crucial. When it…