IBM PowerVM Hypervisor denial of service
CVE-2023-30440

6.7MEDIUM

Key Information:

Vendor: IBM
Status: Powervm Hypervisor
Vendor: CVE Published:; 23 May 2023

What is CVE-2023-30440?

The vulnerability in IBM PowerVM Hypervisor allows a local attacker with control of a partition assigned a SRIOV virtual function to disrupt services in a peer partition, which can lead to denial of service or arbitrary data corruption. This could have significant implications for the integrity and availability of virtualized environments.

Affected Version(s)

PowerVM Hypervisor FW860.00

PowerVM Hypervisor FW950.00

PowerVM Hypervisor FW1010.00

References

https://www.ibm.com/support/pages/node/6997133

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/253175

vdb-entry

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 23, 2023
Vulnerability Reserved
Apr 8, 2023