The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization. The bootloader firmware contains a buffer overflow vulnerability such that, if an attacker were able to replace the initial boot firmware image with a very carefully crafted and sufficiently large, malicious replacement, it could cause the bootloader, during the load of that image, to overwrite its own instruction memory and circumvent secure boot protections, install trojans, etc. IBM X-Force ID: 154345.
oryginał ENCVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HIBM Power System Ac922 \(8335 Gtg\)
HWIbmwszystkie wersjeIBM Power System Ac922 \(8335 Gtg\) Firmware
OSIbm< op910.30IBM Power System Ac922 \(8335 Gth\)
HWIbmwszystkie wersjeIBM Power System Ac922 \(8335 Gth\) Firmware
OSIbm< op920.10IBM Power System Ac922 \(8335 Gtx\)
HWIbmwszystkie wersjeIBM Power System Ac922 \(8335 Gtx\) Firmware
OSIbm< op920.10IBM Power System H922 \(9223 22h\)
HWIbmwszystkie wersjeIBM Power System H922 \(9223 22h\) Firmware
OSIbm< fw910.10IBM Power System H924 \(9223 42h\)
HWIbmwszystkie wersjeIBM Power System H924 \(9223 42h\) Firmware
OSIbm< fw910.10IBM Power System L922 \(9008 22l\)
HWIbmwszystkie wersjeIBM Power System L922 \(9008 22l\) Firmware
OSIbm< fw910.10IBM Power System Lc921 \(9006 12p\)
HWIbmwszystkie wersjeIBM Power System Lc921 \(9006 12p\) Firmware
OSIbm< op920.10IBM Power System Lc922 \(9006 22p\)
HWIbmwszystkie wersjeIBM Power System Lc922 \(9006 22p\) Firmware
OSIbm< op920.10IBM Power System S914 \(9009 41a\)
HWIbmwszystkie wersjeIBM Power System S914 \(9009 41a\) Firmware
OSIbm< fw910.10IBM Power System S922 \(9009 22a\)
HWIbmwszystkie wersjeIBM Power System S922 \(9009 22a\) Firmware
OSIbm< fw910.10IBM Power System S924 \(9009 42a\)
HWIbmwszystkie wersjeIBM Power System S924 \(9009 42a\) Firmware
OSIbm< fw910.10
Powiązane podatności
Statyczne poświadczenia w IBM Flexible Service Processor umożliwiają eskalację uprawnień
IBM OPENBMC OP920, OP930, and OP940 could allow an unauthenticated user to obtain sensitive information. IBM X...
IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40...
IBM OpenBMC OP910 and OP940 could allow a privileged user to cause a denial of service by uploading or deletin...
IBM OPENBMC OP910 and OP940 could allow a privileged user to upload an improper site identity certificate that...