Security Bulletin: The PowerVM hypervisor is vulnerable to a specially crafted sequence of hypervisor calls from a partition that can lead to a system crash

Summary

An attacker that gains total control of a virtual machine running on the PowerVM hypervisor could issue a specially crafted sequence of hypervisor calls that will lead to a system crash and and an outage of all virtual machines running on the same system

Vulnerability Details

CVEID:CVE-2021-29795
**DESCRIPTION:**IBM PowerVM hypervisor could allow a local user to create a specially crafted sequence of hypervisor calls from a partition that could crash the system.
CVSS Base score: 6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/203557 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)
| Version(s)

—|—
PowerVM Hypervisor
| FW860

PowerVM Hypervisor| FW930

PowerVM Hypervisor| FW940
PowerVM Hypervisor| FW950

Remediation/Fixes

Customers with the products below should install FW860.A0(860_231), FW930.50(930_145), FW940.40(940_080), FW950.10(950_072) or newer to remediate this concern.

Power 8

1. IBM Power System S812 (8284-21A)

2. IBM Power System S822 (8284-22A)

3. IBM Power System S814 (8286-41A)

4. IBM Power System S824 (8286-42A)

5. IBM Power System E850 (8408-E8E)

6. IBM Power System E850C (8408-44E)

7. IBM Power System E870 (9119-MME)

8. IBM Power System E880 (9119-MHE)

9. IBM Power System E870C (9080-MME)

10. IBM Power System E880C (9080-MHE)

Power 9

1. IBM Power System S922 (9009-22A, 9009-22G)

2. IBM Power System H922 (9223-22H, 9223-22S)

3. IBM Power System S914 (9009-41A, 9009-41G)

4. IBM Power System S924 (9009-42A, 9009-42G)

5. IBM Power System H924 (9223-42H, 9223-42S)

6. IBM Power System E950 (9040-MR9)

7. IBM Power System E980 (9080-M98, 9080-M9S)

Workarounds and Mitigations

None