This portal is to open public enhancement requests against IBM Power Systems products, including IBM i. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Request work-around for CPU Meltdown and Spectra Issue
Platform ======== Power System 7, 7+, 8, 9 AIX 7.X VIOS 2.X
Description =========== Samsung Electronics Global-ERP system has a concern about CPU Meltdown and Spectre Patch issue. (CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754)
As you know, i-fixes for AIX and VIOS has been released Thu Jan 25, 2018 as below. http://aix.software.ibm.com/aix/efixes/security/spectre_meltdown_advisory.asc
We have provided i-fixes link to customer. CVEID: CVE-2017-5715 CVEID: CVE-2017-5753 CVEID: CVE-2017-5754 http://www-01.ibm.com/support/docview.wss?uid=isg3T1026912
In the market, people say that there's performance issue after installing i-fix for CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. To prevent performance issue, Oracle RedHat Linux released work-around on their web-site. (disable parameters / https://access.redhat.com/articles/3311301) We could find detail information of RedHat article.
There are two options for disabling variant #2, #3. (There is no way to disable variant #1.)
3. CVE-2017-5753 (variant #1/Spectre) -No way to disable this vulnerability.
Customer wants IBM to check if there is any parameter or work-around for avoiding performance issue after Security Patches for CVE-2017-5754 CVE-2017-5715 and CVE-2017-5753. Via PMR, we couldn't get the answer for this question.
Customer is going to update their AIX and VIOS system to latest version June and July, 2018. According to official site, i-fix will be included in new version as below.
Customer said that they couldn't update their system to latest if new version has IJ03032 and there's no work-around to avoid performance issue.
To prevent performance issue and update system to latest, they want IBM to develop work-around as RedHat has done. Or, can you guarantee that there's no performance impact after installing ifix for CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754?
Do not place IBM confidential, company confidential, or personal information into any field.