Important Information for vulnerability in PowerVM on Power9 and Power10 systems
May 17, 2023
An internally discovered vulnerability in PowerVM, on Power9 and Power10 systems. This vulnerability could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions. This could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server.
Security Bulletin: https://www.ibm.com/support/pages/node/6993021
Q1. Are all Power Servers affected?
- Refer to the above security bulletin for the list of Power9 and Power10 servers and firmware that are vulnerable. Note that for Power9 servers, only FW950 is supported but all firmware releases on the listed products are vulnerable.
- Servers prior to Power9, and those which run OP9xx firmware are not affected by this vulnerability.
- We have no reports or any indication that the vulnerability has been utilized to gain unauthorized access.
Q2. How/when was the vulnerability discovered?
- It was discovered internally by IBM. A fix has been developed, thoroughly tested, and published on May 17 at Fix Central.
Q3. What should a client do?
- Follow the instructions on Fix Central to download and install the firmware.
Q4. What is the impact of this issue to a client?
- The impact is potential data leakage or the execution of arbitrary code in other logical partitions on the same physical server.
- We have no reports or any indication that the vulnerability has been utilized to gain unauthorized access.
Q5. Are there any environments more exposed than others?
- IBM cannot predict which client environments might be exposed because partition access control is determined by the client. An environment, which has granted privileged user access to one or more partitions should be considered potentially exposed.
Q6. Can the fix be applied concurrently?
- The firmware containing the fix can be applied concurrently and will eliminate this vulnerability for all systems except a Power10 system running firmware below FW1010.10.
- A Power10 system running firmware below FW1010.10 will need to apply the fix disruptively; the server must be powered off to apply the fix and eliminate this vulnerability.
Q7. What type of partitions are potentially affected?
- Any IBM Power9 or Power10 server identified in the security bulletin with multiple partitions is potentially affected; no matter how the partitions were created or managed.
Q8. Is IBM’s Power Virtual Server environment (Power VS) affected?
- The Power Systems Virtual Server on IBM Cloud (Power VS) offering was affected by this vulnerability and has been patched. No customer action is required.
References:
- Security Bulletins for IBM Products
- IBM X-Force Exchange