AIX cmdlvm vulnerability - iFixes Available PDF Print E-mail
User Rating: / 0
PoorBest 
Written by Michael Felt   
 
IBM SECURITY ADVISORY
First Issued: Tue Jan 13 12:44:56 AM CST 2015
Updated: Tue Jan 20 08:37:23 CST 2015
Update: Added Acknowledgment
|Updated: Fri Jan 30 09:02:40 CST 2015
|Update: Updated iFixes
The most recent version of this document is available here:
http://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc
https://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc
ftp://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc
 
To determine if your system is vulnerable, execute the following command:
lslpp -L bos.rte.lvm
The following fileset levels are vulnerable:
AIX Fileset       Lower Level   Upper Level   KEY
--------------------------------------------------------
|   bos.rte.lvm       5.3.12.0      5.3.12.8      key_w_fs
|   bos.rte.lvm       6.1.8.0       6.1.8.19      key_w_fs
    bos.rte.lvm       6.1.9.0       6.1.9.30      key_w_fs
|   bos.rte.lvm       7.1.2.0       7.1.2.19      key_w_fs
    bos.rte.lvm       7.1.3.0       7.1.3.30      key_w_fs
AIX Fileset (VIOS)  Lower Level           Upper Level
-------------------------------------------------------------
|   bos.rte.lvm       6.1.8.0(2.2.2.0)      6.1.8.19(2.2.2.4)
|   bos.rte.lvm       6.1.9.0(2.2.3.0)      6.1.9.30(2.2.3.4)
IV. SOLUTIONS
A. APARS 
IBM has assigned the following APARs to this problem:
AIX Level        APAR number     Availability      KEY
------------------------------------------------------------
5.3.12           IV68070         ifix_only n/a     key_w_apar
6.1.8            IV68082         01/30/2015 SP6    key_w_apar
6.1.9            IV67907         05/29/2015 SP5    key_w_apar
7.1.2            IV68478         01/30/2015 SP6    key_w_apar
7.1.3            IV67908         05/29/2015 SP5    key_w_apar
 
< Prev