Global Security Forum

Security Global Forum

Our mission is to provide clients with an online user community of industry peers and IBM experts, to exchange tips and tricks, best practices, and product knowledge. We hope the information you find here helps you maximize the value of your IBM Security solutions.

 View Only
Back to discussions
Expand all | Collapse all

Need generated ifix package for specific AIX: 7.2 TL5 SP4 due to security vulnerable to arbitrary command execution (CVE-2024-56346, CVE-2024-56347).

  • 1.  Need generated ifix package for specific AIX: 7.2 TL5 SP4 due to security vulnerable to arbitrary command execution (CVE-2024-56346, CVE-2024-56347).

    Posted Fri March 21, 2025 06:58 AM

    Hello AIX, NIM and security team,

    Today (21Mar), there many customer and IBMBP create case support about the "Security Bulletin: AIX is vulnerable to arbitrary command execution (CVE-2024-56346, CVE-2024-56347)"

    By navigate detail in "B.FIXES" topic in URL: Security Bulletin: AIX is vulnerable to arbitrary command execution (CVE-2024-56346, CVE-2024-56347)

    The Ifix package provided with specific AIX version such as 7.2.5.7 (or starting with 7.2.5.7 onward) for both NIM master and client.

    Q1: Is it possible to generate package by specific AIX version : 7.2 TL5 SP4?

    Q2: Is there any workaround solution while waiting until customer have a time to install ifix?

    Regards,
    Charin Kumjudpai.





    ------------------------------
    CHARIN KUMJUDPAI
    ------------------------------


  • 2.  RE: Need generated ifix package for specific AIX: 7.2 TL5 SP4 due to security vulnerable to arbitrary command execution (CVE-2024-56346, CVE-2024-56347).

    Posted Mon March 24, 2025 03:06 AM

    Hello Charin,

    you should open a Ticket at IBM support team, provide a snap and request that fix for the installed AIX version you have.

    kind regards



    ------------------------------
    Joerg Kauke
    Unix Administrator
    COOP Switzerland
    ------------------------------

    Original Message


  • 3.  RE: Need generated ifix package for specific AIX: 7.2 TL5 SP4 due to security vulnerable to arbitrary command execution (CVE-2024-56346, CVE-2024-56347).

    Posted Mon March 24, 2025 05:54 AM

    If you need an ifix for an old level, you need to open a support case, and request the ifix. 



    ------------------------------
    José Pina Coelho
    IT Specialist at Kyndryl
    ------------------------------

    Original Message