CNNVD-202509-1854 Information
CNNVD ID
CNNVD-202509-1854
Related CVE
- CNNVD Published: 2025-09-14
Description (Chinese)
IBM PowerVM Hypervisor是美国国际商业机器(IBM)公司的一个应用软件。提供了一个安全且可扩展的虚拟化环境,这些应用程序基于 Power Systems 平台的高级 RAS 功能和领先性能而构建。 IBM PowerVM Hypervisor FW950.00版本至FW950.E0版本、FW1050.00版本至FW1050.50版本和FW1060.00版本至FW1060.40版本存在安全漏洞,该漏洞源于本地特权用户可通过特制IBM i管理程序调用导致内存内容泄露或消耗过多内存资源,可能导致拒绝服务。
Description (English)
IBM PowerVM Hypervisor is an application of IBM. A secure and scalable virtual environment is provided for applications based on advanced RAS features and lead performance of the Power Systems platform. There are security loopholes in IBM PowerVM Hypervisor FW950.00 versions to FW950.E0, FW1050.00 to FW1050.50 and FW1060.00 to FW1060.40, which stem from the fact that local privileged users can access the IBM i management program, leading to the leakage of memory content or the consumption of excess memory resources, which may lead to the denial of services.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
ICEcoder
Published
2025-09-14
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7244813 https://access.redhat.com/security/cve/cve-2025-36035
Patch
https://www.ibm.com/support/pages/node/7244813
Share on: