HPE Community
Operating System - HP-UX
1833764 Members
2626 Online
110063 Solutions
New Discussion

How do we tell what patches ?(new to AIX and inherited HP)

 
SOLVED
Go to solution
Jim Lynn
Contributor

‎01-16-2002 07:50 AM

‎01-16-2002 07:50 AM

How do we tell what patches ?(new to AIX and inherited HP)

I've been asked to investigate the following - any experience ?
RISK FACTOR: 3

RISK FACTOR EXPLANATION: Any local user can cause a kernel deadlock
condition. The local user requires no special privileges. This condition
cannot be remotely exploited. There are patches available.

IMPACT: Denial of Service
SUMMARY: The HP-UX kernel contains a vulnerability that may allow for
local users to cause a denial of service.
PLATFORMS AFFECTED: Servers,Workstations
Hardware:
Operating Systems: HP-UX
Explanation: HP-UX 10.20 Series 700 and 800

Applications:

BACKGROUND: The problem may occur when a process maps a file to a
memory buffer (using the mmap() system call). If the process attempts to
perform an I/O operation using data from the mapped buffer on the file
descriptor for the mapped file, a kernel deadlock will occur. A local
user could cause a system-wide denial of service.
RECOMMENDATIONS: Predictive Systems recommends applying the appropriate
patches provided by HP.

HP HP-UX 10.20 Series 800:
HP Patch PHKL_24518
I'm really new
0 Kudos
Reply
7 REPLIES 7
Jeff Machols
Esteemed Contributor

‎01-16-2002 07:52 AM

‎01-16-2002 07:52 AM

Re: How do we tell what patches ?(new to AIX and inherited HP)

swlist | grep PHKL_24518
Reply
James R. Ferguson
Acclaimed Contributor

‎01-16-2002 07:54 AM

‎01-16-2002 07:54 AM

Re: How do we tell what patches ?(new to AIX and inherited HP)

Hi Jim:

On 10.20, to determine if you have this patch installed, do:

# swlist -l fileset|grep PHKL_24518

To see all patches and filesets, drop the piped 'grep' above.

Regards!

...JRF...
Reply
harry d brown jr
Honored Contributor

‎01-16-2002 07:54 AM

‎01-16-2002 07:54 AM

Solution

Re: How do we tell what patches ?(new to AIX and inherited HP)

To list software and patches installed, use:

swlist -l

Now, since you inherited this, I'd suggest going to the HP site "IT Resource Center Home", then under "maintenance and support" select "more....", then under "patching" select "custom patch bundles (custom patch manager)", then follow the instructions and get all of the patches up to date.


live free or die
harry
Live Free or Die
Reply
harry d brown jr
Honored Contributor

‎01-16-2002 07:56 AM

‎01-16-2002 07:56 AM

Re: How do we tell what patches ?(new to AIX and inherited HP)

Also,

Before you DO ANYTHING regarding installing or removing patches, create a make_recovery tape!!!


make_recovery -A -v -i -d /dev/rmt/atapedevicehere


live free or die
harry
Live Free or Die
Reply
Sanjay_6
Honored Contributor

‎01-16-2002 08:00 AM

‎01-16-2002 08:00 AM

Re: How do we tell what patches ?(new to AIX and inherited HP)

Hi,

If you want to check whether the patch is there on the system or not, try

swlist -l patch |patch_name

for your case, try

swlist -l patch | grep PHKL_24518

hope this helps.

Regds
0 Kudos
Reply
Jim Lynn
Contributor

‎01-16-2002 09:07 AM

‎01-16-2002 09:07 AM

Re: How do we tell what patches ?(new to AIX and inherited HP)

If the patch is in a bundled set - do you have to go to the HP site or can you break to thebundle down by patch list....
I'm really new
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎01-16-2002 09:27 AM

‎01-16-2002 09:27 AM

Re: How do we tell what patches ?(new to AIX and inherited HP)

Hi Jim:

You can go to the ITRC Maintenance & Support -> Standard Bundles -> View Support Plus Release and drill into any bundle to see all the patches it contains.

On the Support Plus Release Index page there, you can also find recent Support Plus bundles that contain a particular patch by entering its number (PHxx_nnnn).

Don't worry about selecting a patch from the patch database that has been superseded. You will be automatically advised of this and can select the successor.

Regards!

...JRF...
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.