IBM Support

9117-MMB (Doc Number=3527): Microcode update for MTMs 9117-MMB; 9179-MHB

Fix Readme


Abstract

Updated microcode for Machine-Type Models: 9117-MMB and 9179-MHB

Content

Updated microcode for Machine-Type Models: 9117-MMB and 9179-MHB

System Firmware Level: AM780_054

This package provides firmware for Power 770 (9117-MMB) and Power 780 (9179-MHB) servers only.

Read the AM780_054 Description file for Firmware information and important notes.

NOTE: This Service Pack AM780_054 corrects the following HIPER (High Impact / PERvasive) issues and replaces levels AM780_040 and AM780_050.

HIPER/Pervasive: A security problem was fixed in the OpenSSL Montgomery ladder implementation for the ECDSA (Elliptic Curve Digital Signature Algorithm) to protect sensitive information from being obtained with a flush and reload cache side-channel attack to recover ECDSA nonces from the service processor. The Common Vulnerabilities and Exposures issue number is CVE-2014-0076. The stolen ECDSA nonces could be used to decrypt the SSL sessions and compromise the Hardware Management Console (HMC) access password to the service processor. Therefore, the HMC access password for the managed system should be changed after applying this fix.

HIPER/Pervasive: A security problem was fixed in the OpenSSL Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) implementation so that Heartbeat Extension packets can no longer trigger a buffer over-read that could be used to steal private keys for the encrypted sessions on the service processor. The Common Vulnerabilities and Exposures issue number is CVE-2014-0160, and it is also known as the Heartbleed vulnerability. The stolen private keys could be used to decrypt the SSL sessions and compromise the Hardware Management Console (HMC) access password to the service processor. Therefore, the HMC access password for the managed system should be changed after applying this fix.
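The length check behind the Heartbeat fix described above, as an added C sketch: it is not IBM's service processor firmware or OpenSSL's source, and the function names and sample records are constructed for illustration. The message layout (1-byte type, 2-byte payload length, payload, at least 16 bytes of padding) is the one defined in RFC 6520.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HB_HEADER_LEN   3   /* type (1 byte) + payload_length (2 bytes) */
#define HB_MIN_PADDING 16   /* RFC 6520: at least 16 bytes of padding */
#define HB_REQUEST      1   /* heartbeat_request message type */

/* Constructed sample records (not captured traffic). */
static const uint8_t hb_ok[23]   = { HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g' };
static const uint8_t hb_over[23] = { HB_REQUEST, 0x00, 0x05, 'p', 'i', 'n', 'g' };
static const uint8_t hb_bad[4]   = { HB_REQUEST, 0x40, 0x00, 'x' };

/* Pre-fix behaviour: the sender's payload_length field is trusted, so the
 * echo length can exceed the bytes that actually arrived (the over-read). */
int hb_echo_len_unchecked(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < HB_HEADER_LEN || rec[0] != HB_REQUEST)
        return -1;
    return (rec[1] << 8) | rec[2];
}

/* Hardened behaviour: header + claimed payload + minimum padding must fit
 * inside the received record; anything else is discarded (-1). */
int hb_echo_len_checked(const uint8_t *rec, size_t rec_len)
{
    size_t claimed;

    if (rec_len < HB_HEADER_LEN + HB_MIN_PADDING || rec[0] != HB_REQUEST)
        return -1;
    claimed = ((size_t)rec[1] << 8) | rec[2];
    if (HB_HEADER_LEN + claimed + HB_MIN_PADDING > rec_len)
        return -1;
    return (int)claimed;
}

int main(void)
{
    printf("well-formed: unchecked=%d checked=%d\n",
           hb_echo_len_unchecked(hb_ok, sizeof hb_ok),
           hb_echo_len_checked(hb_ok, sizeof hb_ok));
    printf("oversized:   unchecked=%d checked=%d\n",
           hb_echo_len_unchecked(hb_bad, sizeof hb_bad),
           hb_echo_len_checked(hb_bad, sizeof hb_bad));
    return 0;
}
```

The check only stops further over-reads; key material and passwords that may already have been exposed still have to be replaced, which is why the readme calls for an HMC access password change after the update.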

IBM recommends that systems running AM780_040 or AM780_050 upgrade to AM780_054.

Visit Fix Central for all the latest updates.

Doc number: 3527 Published date: 20140419


Document Information

Modified date:
12 April 2022

UID

isg1SSRVPOMICRO9117-MMB140419-1637