IBM Security Bulletin: Multiple Foreshadow Spectre Variant vulnerabilities affect IBM OS Image for Red Hat Linux Systems in IBM PureApplication System (CVE-2018-3615 CVE-2018-3620 CVE-2018-3646)

Jan 25, 2019 9:01 am EST

Categorized: High Severity

Share this post:

There are multiple vulnerabilities that affect the IBM OS Image for Red Hat Linux Systems in IBM PureApplication System. IBM has released Version 2.2.5.3 for IBM PureApplication System, in response to CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646. The products that are identified for this support are: – PureApplication System – PureApplication Software – PureApplication Service IBM OS Image for Red Hat Linux Systems has addressed the following vulnerabilities.

CVE(s): CVE-2018-3646, CVE-2018-3615, CVE-2018-3620

Affected product(s) and affected version(s):

IBM PureApplication System V2.2.3.0
IBM PureApplication System V2.2.3.1
IBM PureApplication System V2.2.3.2
IBM PureApplication System V2.2.4.0
IBM PureApplication System V2.2.5.0
IBM PureApplication System V2.2.5.1
IBM PureApplication System V2.2.5.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10794637
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148319
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148320
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148318

from IBM Product Security Incident Response Team https://ibm.co/2Wkr2V3