CVE-2025-36035

Summary

IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially crafted IBM i hypervisor call that would disclose memory contents or consume excessive memory resources.

Affected Software

VendorProductVersion RangeStatus
IBMPowerVM HypervisorFW950.00 <= FW950.E0affected
IBMPowerVM HypervisorFW1050.00 <= FW1050.50affected
IBMPowerVM HypervisorFW1060.00 <= FW1060.40affected

Weaknesses

  • CWE-770: CWE-770 Allocation of Resources Without Limits or Throttling

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References