Denial of Service Vulnerability in IBM PowerVM Hypervisor
CVE-2021-29795

6MEDIUM

Key Information:

Vendor: IBM
Status: Powervm Hypervisor
Vendor: CVE Published:; 21 September 2021

Summary

A local user could potentially exploit a series of specifically crafted hypervisor calls within IBM PowerVM Hypervisor FW860, FW930, FW940, and FW950, leading to system instability and crashes. This vulnerability poses significant risks to users, disrupting operations and providing unauthorized access to critical system functions. Proper mitigations should be applied to prevent potential exploitation.

Affected Version(s)

PowerVM Hypervisor FW930

PowerVM Hypervisor FW940

PowerVM Hypervisor FW950

References

https://www.ibm.com/support/pages/node/6490877

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/203557

vdb-entryx_refsource_XF

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Sep 21, 2021
Vulnerability Reserved
Mar 31, 2021