IBM Support

Security Bulletin: This Power System firmware update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (known as Spectre and Meltdown).

Security Bulletin


Summary

Power 7 / Power 7+: In response to recently reported security vulnerabilities, this Power System firmware update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754. Note, the Power 7+ Firmware release augments the earlier Firmware release and includes updates needed for IBM i, AIX and Linux. In addition, Operating System updates are required for CVE-2017-5753 and CVE-2017-5754, and should be installed after loading firmware.

Power 8/Power 9: In response to recently reported security vulnerabilities, this Power System firmware update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754. Operating System updates are required in conjunction with this FW level for CVE-2017-5753 and CVE-2017-5754.

Vulnerability Details

CVEID: CVE-2017-5753
CVEID: CVE-2017-5715
CVEID: CVE-2017-5754
The firmware update can be obtained from FixCentral by specifying the Product and fix level as described in the as specified in this Remediation section.

Workarounds and Mitigations

The most immediate action clients can take to protect themselves is to prevent execution of unauthorized software on any system that handles sensitive data, including adjacent virtual machines.
Remediation

Customers with the products below, install FW730.D1 (01AA730_157_035, 01AL730_157_035)

1) IBM Power PS700 (8406-70Y)
2) IBM Power PS701 (8406-71Y)
3) IBM Power PS702 (8406-71Y)
4) IBM Power PS703(7891-73X)
5) IBM Power PS704(7891-74X)
6) IBM Power 710 Express (8231-E2B)
7) IBM Power 730 Express (8231-E2B)
8) IBM Power 720 Express (8202-E4B)
9) IBM Power 740 Express (8205-E6B)
10) IBM Smart Analytics Solution 7700 (8492-DW2)
11) IBM Smart Analytics Solution 7700 (8493-SV2)
12) IBM Power 750 (8233-E8B)
13) IBM Power 755(8236-E8C)

Customers with the products below, install FW731.81 (01AS730_181_093)

1) IBM Power 775 (9125-F2C)

Customers with the products below, install FW740.C1 (01AL740_165_042)

1) IBM Power 710 (8231-E1C)
2) IBM Power 720 (8202-E4C)
3) IBM Power 730 (8231-E2C)
4) IBM Power 740 (8205-E6C)
5) IBM Smart Analytics Solution 7710 (8492-DW3)
6) IBM Smart Analytics Solution 7710 (8493-SV3)
7) IBM PowerLinux 7R1 (8246-L1C)
8) IBM PowerLinux 7R1 (8246-L1S)
9) IBM PowerLinux 7R2 (8246-L2C)
10) IBM PowerLinux 7R2 (8246-L2S)

Customers with the products below, install FW770.92 (01AL770_122_032, 01AM770_122_032)

1) IBM Power 720 Express (8202- E4D)
2) IBM Power 740 Express (8205- E6D)
3) IBM Power 750 Express (8408-E8D)
4) IBM Power 760 Express (9109-RMD)
5) IBM Smart Analytics System 7700 R1.1 (8493-SV6)
6) IBM Power 710 Express (8231- E1D)
7) IBM Power 710 Express (8268-E1D)
8) IBM Power 730 Express (8231- E2D)
9) IBM PowerLinux 7R1 (8246-L1D)
10) IBM PowerLinux 7R1 (8246-L1T)
11) IBM PowerLinux 7R2 (8246-L2D)
12) IBM PowerLinux 7R2 (8246-L2T)
13) IBM PowerLinux 7R4 (8248-L4T)
14) IBM Power 770 (9117-MMC)
15) IBM Power 780 (9179-MHC)

Customers with the products below, install FW780.82 (01AM780_096_040, 01AH780_096_040)

1) IBM Power 770 (9117-MMB)
2) IBM Power 780 (9179-MHB)
3) IBM Power 770 (9117-MMD)
4) IBM Power 780 (9179-MHD)
5) IBM Power ESE (8412-EAD)
6) IBM Power 795 (9119-FHB)

Customers with the products below, install FW783.52 (01AF783_040_021)

1) IBM Flex System p260 Compute Node (7895-22X)
2) IBM Flex System p460 Compute Node (7895-42X)
3) IBM Flex System p24L Compute Node (1457-7FL)
4) IBM Flex System p260 Compute Node (7895-23X)
5) IBM Flex System p260 Compute Node (7895-23A) with F/C EFD9
6) IBM Flex System p460 Compute Node (7895-43X)
7) IBM Flex System p270 Compute Node (7954-24X)

Customers with the products below, install FW860.42 (01SV860_138_056, 01SC860_138_056)

1) IBM Power System S812 (8284-21A)
2) IBM Power System S822 (8284-22A)
3) IBM Power System S814 (8286-41A)
4) IBM Power System S824 (8286-42A)
5) IBM Power System S812L (8247-21L)
6) IBM Power System S822L (8247-22L)
7) IBM Power System S824L (8247-42L)
8) IBM Power System E850 (8408-E8E)
9) IBM Power System E850C (8408-44E)
10) IBM Power System E870 (9119-MME)
11) IBM Power System E870C (9080-MME)
12) IBM Power System E880 (9119-MHE)
13) IBM Power System E880C (9080-MHE)

Customers with the products below, install FW OP810.34 (OP8_v1.8_1.6)

1) IBM Power System S812LC (8348-21C)

Customers with the products below, install FW OP825.11 (V2.11)

1) IBM Power Scale-out LC server 821LC (8001-12C)
2) IBM Power Scale-out LC server 822LC (8001-22C)
3) IBM Power Hyperconverged CS server CS821 (8005-12N)
4) IBM Power Hyperconverged CS server CS822 (8005-22N)

Customers with the products below, install FW OP820.21 (OP8_v1.12_2.85F)

1) IBM Power System S822LC (8335-GCA)
2) IBM Power System S822LC (8335-GTA)
3) IBM Power System S822LC (8335-GTB)

Customers with the products below, install FW OP910.10 (OP9_v1.19_1.111)

1) IBM Power System AC922 (8335-GTG)

Products Addressed and Versions

POWER7 Products Addressed:

1) IBM Power PS700 (8406-70Y)
2) IBM Power PS701 (8406-71Y)
3) IBM Power PS702 (8406-71Y)
4) IBM Power PS703(7891-73X)
5) IBM Power PS704(7891-74X)
6) IBM Power 710 Express (8231-E2B)
7) IBM Power 730 Express (8231-E2B)
8) IBM Power 720 Express (8202-E4B)
9) IBM Power 740 Express (8205-E6B)
10) IBM Smart Analytics Solution 7700 (8492-DW2)
11) IBM Smart Analytics Solution 7700 (8493-SV2)
12) IBM Power 750 (8233-E8B)
13) IBM Power 755(8236-E8C)
14) IBM Power 775 (9125-F2C)
15) IBM Power 710 (8231-E1C)
16) IBM Power 720 (8202-E4C)
17) IBM Power 730 (8231-E2C)
18) IBM Power 740 (8205-E6C)
19) IBM Smart Analytics Solution 7710 (8492-DW3)
20) IBM Smart Analytics Solution 7710 (8493-SV3)
21) IBM PowerLinux 7R1 (8246-L1C)
22) IBM PowerLinux 7R1 (8246-L1S)
23) IBM PowerLinux 7R2 (8246-L2C)
24) IBM PowerLinux 7R2 (8246-L2S)
25) IBM Power 770 (9117-MMB)
26) IBM Power 780 (9179-MHB)
27) IBM Power 770 (9117-MMC)
28) IBM Power 780 (9179-MHC)
29) IBM Power 795 (9119-FHB)
30) IBM Flex System p260 Compute Node (7895-22X)
31) IBM Flex System p460 Compute Node (7895-42X)
32) IBM Flex System p24L Compute Node (1457-7FL)

POWER7+ Products Addressed:

1) IBM Power 720 Express (8202- E4D)
2) IBM Power 740 Express (8205- E6D)
3) IBM Smart Analytics System 7700 R1.1 (8493-SV6)
4) IBM Power 710 Express (8231- E1D)
5) IBM Power 710 Express (8268-E1D)
6) IBM Power 730 Express (8231- E2D)
7) IBM Power 750 Express (8408-E8D)
8) IBM Power 760 Express (9109-RMD)
9) IBM PowerLinux 7R1 (8246-L1D)
10) IBM PowerLinux 7R1 (8246-L1T)
11) IBM PowerLinux 7R2 (8246-L2D)
12) IBM PowerLinux 7R2 (8246-L2T)
13) IBM PowerLinux 7R4 (8248-L4T)
14) IBM Power 770 (9117-MMD)
15) IBM Power 780 (9179-MHD)
16) IBM Power ESE (8412-EAD)
17) IBM Flex System p260 Compute Node (7895-23X)
18) IBM Flex System p260 Compute Node (7895-23A) with F/C EFD9
19) IBM Flex System p460 Compute Node (7895-43X)
20) IBM Flex System p270 Compute Node (7954-24X)

POWER8 Products Addressed:

1) IBM Power System S812 (8284-21A)
2) IBM Power System S822 (8284-22A)
3) IBM Power System S814 (8286-41A)
4) IBM Power System S824 (8286-42A)
5) IBM Power System S812L( 8247-21L)
6) IBM Power System S822L (8247-22L)
7) IBM Power System S824L (8247-42L)
8) IBM Power System E850 (8408-E8E)
9) IBM Power System E850C (8408-44E)
10) IBM Power System E870 (9119-MME)
11) IBM Power System E880 (9119-MHE)
12) IBM Power System E870C (9080-MME)
13) IBM Power System E880C (9080-MHE)
14) IBM Power System S812LC (8348-21C)
15) IBM Power Scale-out LC server 821LC (8001-12C)
16) IBM Power Scale-out LC server 822LC (8001-22C)
17) IBM Power Hyperconverged CS server CS821 (8005-12N)
18) IBM Power Hyperconverged CS server CS822 (8005-22N)
19) IBM Power System S822LC (8335-GCA)
20) IBM Power System S822LC (8335-GTA)
21) IBM Power System S822LC (8335-GTB)

POWER9 Products Addressed:

1) IBM Power System AC922 (8335-GTG)

Get Notified about Future Security Bulletins

References

Related information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.


Cross reference information
Segment Product Component Platform Version Edition
Power Systems 8205
Power Systems 8246
Power Systems 8247
Power Systems 8248
Power Systems 8268
Power Systems 8284
Power Systems 8286
Power Systems 8408
Power Systems 8412
Power Systems 9109
Power Systems 9117
Power Systems 9119
Power Systems 9179
Power Systems Power 710 (8231)
Power Systems Power 730 (8231)
PureFlex Flex System p260 Compute Node
PureFlex Flex System p270 Compute Node
PureFlex Flex System p460 Compute Node
Power Systems 9080

Document information

More support for: Power Systems

Version: Version Independent

Operating system(s): Platform Independent

Reference #: T1026811

Modified date: 21 March 2018


Translate this page: