IBM Security Bulletin: A vulnerability in sudo affects PowerKVM

PowerKVM is affected by a vulnerability in sudo. IBM has now addressed this vulnerability, which is described by two CVEs.

CVE(s): CVE-2017-1000367, CVE-2017-1000368

Affected product(s) and affected version(s):

PowerKVM 2.1 and 3.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2wuEojY
X-Force Database: http://ift.tt/2eUcM47
X-Force Database: http://ift.tt/2wuCkZm

The post IBM Security Bulletin: A vulnerability in sudo affects PowerKVM appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2vC7YYw