AIX

  • 1.  Do I have python installed? If so, do I have a version susceptible to this condition?

    Posted Fri October 17, 2025 03:36 PM
    Edited by Robert Berendt Fri October 17, 2025 03:37 PM

    I'm more of an IBM i guy.

    Running VIOS 3.1.4.50

    If I go into oem_setup_env it returns

    oslevel 

    7.2.0.0

    I'm looking at this:

    Security Bulletin: AIX/VIOS is affected by a denial of service (CVE-2024-8176) due to Python

    I ran the recommended lslpp -L | grep -i python3.9.base and even tried lslpp -L | grep -i python3.11.base. Both returned nothing. I even tried lslpp -L | grep -i python and that returned nothing either. I was curious if I might have python but it might be so old as to be open to even other CVEs, etc.

    Does this mean that I don't have python installed and I can ignore that for now?



    ------------------------------
    Robert Berendt IBMChampion
    Business Systems Analyst, Lead
    Dekko
    Fort Wayne
    ------------------------------



  • 2.  RE: Do I have python installed? If so, do I have a version susceptible to this condition?

    Posted Fri October 17, 2025 05:07 PM

    Hi,

    If no output is generated that means python is not installed there. Additionally, the security bulletin referred here seems to be impacting only VIOS version 4.1 and AIX 7.3 version. 



    ------------------------------
    Rohit Chauhan
    Senior Technical Specialist
    Norway
    ------------------------------



  • 3.  RE: Do I have python installed? If so, do I have a version susceptible to this condition?

    Posted Sun October 19, 2025 02:25 AM

    Hi,

    VIOS 4.1 and AIX 7.3 are the affected levels for this CVE.



    ------------------------------
    Anas AlSaleh
    IBM Power Systems Software Specialist
    Saudi Business Machines ( SBM )
    Riyadh
    ------------------------------



  • 4.  RE: Do I have python installed? If so, do I have a version susceptible to this condition?

    Posted Sun October 19, 2025 12:40 PM

    Thank you to all who have responded.



    ------------------------------
    Robert Berendt IBMChampion
    Business Systems Analyst, Lead
    Dekko
    Fort Wayne
    ------------------------------



  • 5.  RE: Do I have python installed? If so, do I have a version susceptible to this condition?

    Posted Mon October 20, 2025 04:56 AM

    These sorts of CVEs always drive me up the wall... python isn't exposed on the VIOS, so exploiting this requires you to actively invoke python with a positively malicious XML file.

    By the time that happens, you already have bigger problems.



    ------------------------------
    José Pina Coelho
    IT Specialist at Kyndryl
    ------------------------------



  • 6.  RE: Do I have python installed? If so, do I have a version susceptible to this condition?

    Posted Mon October 20, 2025 05:30 AM

    Python isn't part of the base install of AIX 7.2 or VIOS 3.1.x.x. It is part of the base install of AIX 7.3 & VIOS 4.1.x.x.

    As an aside, the commands you are running are looking for specific Python filesets; if you were to run "lslpp -L |grep -i python" then it would return any installed python fileset. It's also possible to have Python installed from the Open-source toolbox, which you'd check with "rpm -qa |grep -i python".



    ------------------------------
    Phill Rowbottom
    Unix Consultant
    Service Express
    Bedford
    ------------------------------
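
Added example, not part of any post in this thread: a small shell script that runs both inventory checks described above (`lslpp -L` and `rpm -qa`) and reports each Python package with its source, so an empty result covers both package databases. The function names are hypothetical, and the script assumes it is run from the root shell reached via oem_setup_env.

```shell
#!/bin/sh
# Added example: function names are assumptions, not an IBM-provided tool.

# Print "fileset level" for each Python-related line of `lslpp -L` output (stdin).
python_filesets() {
    awk 'tolower($0) ~ /python/ { print $1, $2 }'
}

# Print each Python-related package from `rpm -qa` output (stdin).
python_rpms() {
    grep -i python || true   # grep exits 1 when nothing matches; not an error here
}

# Summarise both inventories. $1 = `lslpp -L` output, $2 = `rpm -qa` output.
# Returns 0 when no Python is found, 1 when at least one package is present.
python_report() {
    lpp=$(printf '%s\n' "$1" | python_filesets)
    rpms=$(printf '%s\n' "$2" | python_rpms)
    if [ -z "$lpp" ] && [ -z "$rpms" ]; then
        echo "no python found in lslpp or rpm inventory"
        return 0
    fi
    [ -n "$lpp" ]  && printf '%s\n' "$lpp"  | sed 's/^/lslpp: /'
    [ -n "$rpms" ] && printf '%s\n' "$rpms" | sed 's/^/rpm: /'
    return 1   # Python present: compare the listed levels against the bulletin
}

# Live use on AIX/VIOS; skipped on hosts without lslpp.
if command -v lslpp >/dev/null 2>&1; then
    python_report "$(lslpp -L 2>/dev/null)" "$(rpm -qa 2>/dev/null)" || true
fi
```
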



  • 7.  RE: Do I have python installed? If so, do I have a version susceptible to this condition?

    Posted Mon October 20, 2025 08:42 AM

    Hi Robert, 👋

    Based on the lslpp -L | grep -i python output returning nothing, it indicates that Python isn't currently installed on your VIOS system. The lslpp command lists all installed LPPs (Licensed Program Products), so if no Python-related packages appear (like python3.9.base or python3.11.base), that means Python runtime isn't present.

    Since the CVE (CVE-2024-8176) specifically targets systems with vulnerable Python versions installed, your environment should not be affected. You can safely ignore this bulletin for now.

    However, it's always a good idea to review your installed software periodically - especially if any applications or scripts later introduce a Python dependency.

    Hope that helps clarify things! 



    ------------------------------
    Thomas leonlaim
    ------------------------------