Vulnerability update in PowerVM on Power9 and Power10 systems

We would like to bring to your attention a vulnerability in PowerVM on Power9 and Power10 systems that was discovered internally by IBM. This vulnerability could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions. This could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server. The Common Vulnerabilities and Exposures (CVE) number is CVE-2023-30438.

Please review the CVE Security Bulletin linked below; IBM strongly recommends applying the fix to your environment promptly. If you have any questions or would like IBM's help with this issue, please open a case with our support and make sure the text “CVE-2023-30438” is mentioned in the case.

CVE Security Bulletin: https://www.ibm.com/support/pages/node/6993021

PSIRT Blog with Q&A: https://www.ibm.com/support/pages/node/6987797

CVE.org Bulletin: https://www.cve.org/cverecord?id=CVE-2023-30438

Remediation/Fixes

For the products below, IBM recommends installing FW950.71(950_124) or newer to remediate this vulnerability.

Power 9

1) IBM Power System L922 (9008-22L)

2) IBM Power System S922 (9009-22A, 9009-22G)

3) IBM Power System H922 (9223-22H, 9223-22S)

4) IBM Power System S914 (9009-41A, 9009-41G)

5) IBM Power System S924 (9009-42A, 9009-42G)

6) IBM Power System H924 (9223-42H, 9223-42S)

7) IBM Power System E950 (9040-MR9)

8) IBM Power System E980 (9080-M9S)

For the products below, IBM recommends installing FW1010.51(1010_163), FW1030.11(1030_052) or newer to remediate this vulnerability.

Power 10

1) IBM Power System E1080 (9080-HEX)

For the products below, IBM recommends installing FW1020.31(1020_102), FW1030.11(1030_058) or newer to remediate this vulnerability.

Power 10

1) IBM Power System S1022 (9105-22A)

2) IBM Power System S1024 (9105-42A)

3) IBM Power System S1022s (9105-22B)

4) IBM Power System S1014 (9105-41B)

5) IBM Power System L1022 (9786-22H)

6) IBM Power System L1024 (9786-42H)

7) IBM Power System E1050 (9043-MRX)