CNNVD-202602-071 Information

CNNVD ID

CNNVD-202602-071

Related CVE

CVE-2025-36238

• CNNVD Published: 2026-02-02

Description (Chinese)

IBM PowerVM Hypervisor是美国国际商业机器（IBM）公司的一个应用软件。提供了一个安全且可扩展的虚拟化环境，这些应用程序基于 Power Systems 平台的高级 RAS 功能和领先性能而构建。 IBM PowerVM Hypervisor FW1110.00至FW1110.03版本、FW1060.00至FW1060.51版本和FW950.00至FW950.F0版本存在安全漏洞，该漏洞源于具有管理权限的本地用户可能通过一系列PowerVM服务过程从虚拟TPM获取敏感信息。

Description (English)

IBM PowerVM Hypervisor is an application of IBM. A secure and scalable virtual environment is provided for applications based on advanced RAS features and lead performance of the Power Systems platform. IBM PowerVM Hypervisor FW1110.00 to FW1110.03, FW1060.00 to FW1060.51 and FW950.00 to FW950.F0 have security gaps that stem from the possibility that local users with management privileges may obtain sensitive information from virtual TPM through a series of PowerVM service processes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2026-02-02

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7257556

Patch

https://www.ibm.com/support/pages/node/7257556