Operational Defect Database
BugZero found this defect 396 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Hewlett Packard Enterprise | a00131594en_us
Advisory: HPE Integrated Lights-Out 6 (iLO 6) – FIRMWARE UPDATE REQUIRED: HPE ProLiant RL300 Gen11 Server has a Required Update to iLO 6 v1.35 (or Later) and System ROM v1.20 (or Later)
Last update date:
1/26/2024
Affected products:
HPE ProLiant RL300 Gen11
Affected releases:
No affected releases provided.
Fixed releases:
No fixed releases provided.
Description:
Info
IMPORTANT: The iLO 6 v1.35 firmware and System ROM v1.20 firmware are considered critical fixes and are required to avoid the issue detailed below. HPE strongly recommends immediate application of this critical fix. By disregarding this notification and not performing the recommended resolution, the customer accepts the risk of incurring future related errors. For HPE ProLiant RL300 servers, the required firmware is iLO 6 v1.35 (or later) and System ROM v1.20 (or later), iLO 6 v1.05 firmware has a security issue that can result in the system being vulnerable to exploits by attackers with physical access inside the server chassis. After upgrading to HPE ProLiant RL300 System ROM v1.12 and HPE Integrated Lights-Out 6 (iLO 6) firmware v1.35 (or later), the system cannot boot. When this occurs, the following is displayed in the Integrated Management Log (IML) iLO detected invalid System ROM firmware This does not occur with iLO 6 firmware v1.05 and HPE ProLiant RL300 System ROM v1.12.
Scope
HPE ProLiant RL300 Gen11 servers.
Resolution
Customers are required to perform the following updates: iLO 6 v1.35 And ROM Flash Firmware Package - HPE ProLiant RL300 Gen11 (R11) Or System ROM Flash Binary and SCP - HPE ProLiant RL300 Gen11 (R11) Servers Refer to details given below for the sequence to be followed for applying the updates. IMPORTANT : Disregarding the sequence below may cause the system to fail to boot and require recovery (recovery steps explained below). For HPE ProLiant RL300 Gen11 servers with iLO 6 v1.05 and System ROM v1.10 or v1.12, performing the following steps in the specific order: Update System ROM version to v1.20 (or later) using the iLO 6 web interface Update iLO 6 firmware version to v1.35 (or later) using the iLO 6 web interface Note : If the server is updated to HPE Integrated Lights-Out 6 (iLO 6) firmware v1.35 (or later) when using HPE ProLiant RL300 System ROM v1.12, the system cannot boot. HPE ProLiant RL300 System ROM v1.12 will be unpublished. Perform the following steps to recover the system. Upgrade System ROM to v1.20 (or later) using the iLO 6 web interface Or Downgrade the System ROM to v1.10 (or later) using the iLO 6 web interface Refer to the iLO 6 v1.35 User Guide for steps to update the firmware using the iLO 6 web interface. RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts. Sign up for Support Alerts at the following URL: HPE Email Preference Center NAVIGATION TIP: For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to the Navigation Tips document. SEARCH TIP: For hints on locating similar documents on HPE.com, refer to the Search Tips document.
