14 matches found
CVE-2023-25683 IBM PowerVM Hypervisor information disclosure
IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592...
Security Bulletin: This Power System update is being released to address CVE 2023-30440
Summary A vulnerability was identified internally by IBM related to SRIOV virtual function support in PowerVM. An attacker with privileged user access to a logical partition that has an assigned SRIOV virtual function VF may be able to create a Denial of Service of the VF assigned to other logica...
CVE-2023-30440
IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function VF to cause a denial of servic...
CVE-2022-34331
CVE-2022-34331 affects IBM PowerVM Hypervisor (FW950 through FW1010) where a sequence of maintenance operations on SRIOV NICs can misconfigure the adapter and disable the intended VEPA configuration. The IBM/Power9+ PowerVM firmware updates listed as remediation are FW950.50 (950_105), FW1010.40 ...
CVE-2021-38918
CVE-2021-38918 – IBM PowerVM Hypervisor Affected products: IBM PowerVM Hypervisor firmware FW860, FW940, FW950, and FW1010 (Power 8/9/10 platforms listed in the IBM bulletin). What is vulnerable: A specific sequence of VM management operations from the management console (HMC, Novalink, or PowerV...
CVE-2021-38937
IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. IBM X-Force ID: 210894...
CVE-2021-38937
IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. IBM X-Force ID: 210894...
Design/Logic Flaw
IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. IBM X-Force ID: 210894...
CVE-2021-38937
IBM PowerVM Hypervisor CVE-2021-38937 affects FW940, FW950, and FW1010. An authenticated user can trigger a specially crafted IBMi Hypervisor call to crash the system. Remediation is to upgrade to FW940.50(940_095), FW950.30(950_092), FW1010.01(1010_69) or newer. Affected Power VM Hypervisor vers...
Security Bulletin: The PowerVM hypervisor can violate the isolation between peer VMs in certain scenarios
Summary A specific sequence of VM management operations from the management console HMC, Novalink, or PowerVC can lead to a violation of the isolation between peer VMs. Vulnerability Details CVEID: CVE-2021-38918 DESCRIPTION: IBM PowerVM Hypervisor through a specific sequence of VM management...
CVE-2021-38923
IBM PowerVM Hypervisor FW1010 could allow a privileged user to gain access to another VM due to assigning duplicate WWPNs. IBM X-Force ID: 210162...
Code injection
IBM PowerVM Hypervisor FW1010 could allow a privileged user to gain access to another VM due to assigning duplicate WWPNs. IBM X-Force ID: 210162...
CVE-2021-38923
IBM PowerVM Hypervisor FW1010 could allow a privileged user to gain access to another VM due to assigning duplicate WWPNs. IBM X-Force ID: 210162...
CVE-2021-38923
CVE-2021-38923 affects IBM PowerVM Hypervisor FW1010. The vulnerability arises from assigning duplicate WWPNs to virtual fiber channel adapters in peer VMs, which could allow a privileged user to gain access to another VM. Affected product: PowerVM Hypervisor FW1010 (Power 10 lineage). The IBM Se...