IBM Security Bulletin: Vulnerabilities in libxml2 and zlib affect IBM Flex System Networking Switch Products
IBM Flex System Networking Switch Products have addressed the following vulnerabilities in libxml2 and zlib. Vulnerability Details:
CVE(s): CVE-2016-4658, CVE-2016-9318, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
Affected product(s) and affected version(s):
| Product | Affected Version |
|---|---|
| IBM Flex System Fabric EN4093R 10Gb Scalable Switch | 7.8 |
| IBM Flex System Fabric CN4093 10Gb Converged Scalable | 7.8 |
| What IBM Flex System Fabric SI4093 System Interconnect | 7.8 |
| IBM Flex System EN2092 1Gb Ethernet Scalable Switch | 7.8 |
Remediation/Fixes:
Firmware fix versions are available on Fix Central:
http://ift.tt/1qeg5iT.
| Product | Fix Version |
|---|---|
| IBM Flex System Fabric EN4093R 10Gb Scalable Switch (ibm_fw_scsw_en4093r-7.8.17.0_anyos_noarch) | 7.8.17.0 |
| IBM Flex System Fabric CN4093 10Gb Converged Scalable Switch (ibm_fw_scsw_cn4093-7.8.17.0_anyos_noarch) | 7.8.17.0 |
| IBM Flex System Fabric SI4093 System Interconnect Module (ibm_fw_scsw_si4093-7.8.17.0_anyos_noarch) | 7.8.17.0 |
| IBM Flex System EN2092 1Gb Ethernet Scalable Switch (ibm_fw_scsw_en2092-7.8.17.0_anyos_noarch) | 7.8.17.0 |
Workaround(s) & Mitigation(s):
None
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2qT241q
X-Force Database: http://ift.tt/2qnEQND
X-Force Database: http://ift.tt/2rlLd8L
X-Force Database: http://ift.tt/2lLwOQm
X-Force Database: http://ift.tt/2mlzP6B
X-Force Database: http://ift.tt/2lLuetu
X-Force Database: http://ift.tt/2mlCjlv
The post IBM Security Bulletin: Vulnerabilities in libxml2 and zlib affect IBM Flex System Networking Switch Products appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2qnys99