IBM Security Bulletin: Denial of service vulnerability affects IBM Unified Extensible Firmware Interface (CVE-2018-9085)
Dec 12, 2018 9:03 am EST
Categorized: Medium Severity
Share this post:
IBM System x, Flex and BladeCenter systems have addressed the following denial of service vulnerability in Unified Extensible Firmware Interface (UEFI).
CVE(s): CVE-2018-9085
Affected product(s) and affected version(s):
| Product | Affected Version |
| BladeCenter HS23 7875/1929 | tke1 |
| BladeCenter HS23E 8038/8039 | ahe1 |
| Flex System x220 2585/7906 | kse1 |
| Flex System x222 7916 | cce1 |
| Flex System x240 7863/8737/8738/8956 | b2e1 |
| Flex System x440 7917 | cne1 |
| Flex System x280 X6 4259 Flex System x480/x880 X6 7903 | n2e1 |
| System x iDataPlex dx360 M4 7912/7913 | tde1 |
| System x NeXtScale nx360 M4 5455 | fhe1 |
| System x3300 M4 7382 | yae1 |
| System x3500 M4 7383 | y5e1 |
| System x3550 M4 7914 | d7e1 |
| System x3630 M4 7158 System x3530 M4 7160 | bee1 |
| System x3650 M4 7915 System x3650 M4 HD 5460 | vve1 |
| System x3650 M4 BD 5466 | yoe1 |
| System x3750 M4 8718/8722/8733/8752 | koe1 |
| System x3850 X6/x3950 X6 3837/3839 | a8e1 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10741657
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153019
from IBM Product Security Incident Response Team https://ift.tt/2ryBwCo