CVE-2025-36035

CWE-770Allocation without Limits3 documents3 sources
Severity
5.1MEDIUM
EPSS
0.0%
top 97.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Powervm Hypervisor
Timeline
PublishedSep 14

Description

IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially crafted IBM i hypervisor call that would disclose memory contents or consume excessive memory resources.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:HExploitability: 1.5 | Impact: 4.7

Affected Packages2 packages

CVEListV5ibm/powervm_hypervisorFW950.00FW950.E0+2
NVDibm/powervm_hypervisorFW950.00FW950.E0+2

🔴Vulnerability Details

2
GHSA
GHSA-mj6x-h8pr-f5jh: IBM PowerVM Hypervisor FW9502025-09-14
CVEList
IBM PowerVM Hypervisor denial of service2025-09-14
CVE-2025-36035 (MEDIUM CVSS 5.1) | IBM PowerVM Hypervisor FW950.00 thr | cvebase.io