IBM Security Bulletin: Vulnerabilities in libxml2 affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2017-16931, CVE-2017-16932)

Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows have addressed the following vulnerabilities in libxml2.

CVE(s): CVE-2017-16931, CVE-2017-16932

Affected product(s) and affected version(s):

The following products used with Intel Xeon Phi PCI-Express cards (Intel Xeon Phi 3120A, Intel Xeon Phi 5110P, Intel Xeon Phi 7120A, and Intel Xeon Phi 7210P) on the System x systems:

• iDataPlex dx360 M4
• NeXtScale nx360 M4
• PureFlex x220 M4 / x240 M4 / x240 M5
• x3850 X6 / x3950 X6

Product	Affected Version
Intel® Manycore Platform Software Stack (MPSS) for Linux & Windows	3.8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099803
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/135488
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/135489

The post IBM Security Bulletin: Vulnerabilities in libxml2 affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2017-16931, CVE-2017-16932) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ift.tt/2L4aiMv