Power

 View Only

  • 1.  CVE-2024-56346 CVE-2024-56347

    Posted 20 days ago
    Reply

    Hello,

       So, we have some legacy systems we are stuck on. Mostly AIX 7.1.   Are these systems vulnerable to these exploits?



    ------------------------------
    Charles Buckley
    ------------------------------


  • 2.  RE: CVE-2024-56346 CVE-2024-56347

    Posted 17 days ago
    Reply

    I'd like to understand v7.1 vulnerability to this also.,

    I note that the AIX 7.2 vulnerability stars at 7.2.5.0.

    Are earlier versions not vulnerable?

            AIX 7.2, 7.3
        VIOS 3.1, 4.1

        The vulnerabilities in the following filesets are being addressed:
        
        key_fileset = aix

        Fileset                 Lower Level  Upper Level KEY 
        ---------------------------------------------------------
        bos.sysmgt.nim.client   7.2.5.0      7.2.5.203   key_w_fs
        bos.sysmgt.nim.master   7.2.5.0      7.2.5.204   key_w_fs
        bos.sysmgt.sysbr        7.2.5.0      7.2.5.203   key_w_fs
        bos.sysmgt.nim.client   7.3.1.0      7.3.1.3     key_w_fs
        bos.sysmgt.nim.master   7.3.1.0      7.3.1.3     key_w_fs
        bos.sysmgt.sysbr        7.3.1.0      7.3.1.3     key_w_fs
        bos.sysmgt.nim.client   7.3.2.0      7.3.2.2     key_w_fs
        bos.sysmgt.nim.master   7.3.2.0      7.3.2.2     key_w_fs
        bos.sysmgt.sysbr        7.3.2.0      7.3.2.2     key_w_fs
        bos.sysmgt.nim.client   7.3.3.0      7.3.3.0     key_w_fs
        bos.sysmgt.nim.master   7.3.3.0      7.3.3.0     key_w_fs
        bos.sysmgt.sysbr        7.3.3.0      7.3.3.0     key_w_fs

        To find out whether the affected filesets are installed 
        on your systems, refer to the lslpp command found in AIX user's guide.

        Example:  lslpp -L | grep -i bos.sysmgt.nim.client


    ------------------------------
    Andrew Gee
    ------------------------------

    Original Message


Related Content