FKIE_CVE-2025-36194

Vulnerability from fkie_nvd - Published: 2026-02-02 23:15 - Updated: 2026-02-19 14:46
Severity ?
2.8 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 may expose a limited amount of data to a peer partition in specific shared processor configurations during certain operations.
References
psirt@us.ibm.comhttps://www.ibm.com/support/pages/node/7257555Vendor Advisory
Impacted products
Vendor Product Version
ibm powervm_hypervisor fw950.00
ibm powervm_hypervisor fw950.10
ibm powervm_hypervisor fw950.11
ibm powervm_hypervisor fw950.20
ibm powervm_hypervisor fw950.30
ibm powervm_hypervisor fw950.40
ibm powervm_hypervisor fw950.50
ibm powervm_hypervisor fw950.60
ibm powervm_hypervisor fw950.70
ibm powervm_hypervisor fw950.71
ibm powervm_hypervisor fw950.80
ibm powervm_hypervisor fw950.90
ibm powervm_hypervisor fw950.a0
ibm powervm_hypervisor fw950.b0
ibm powervm_hypervisor fw950.c0
ibm powervm_hypervisor fw950.c1
ibm powervm_hypervisor fw950.c2
ibm powervm_hypervisor fw950.d0
ibm powervm_hypervisor fw950.d1
ibm powervm_hypervisor fw950.e0
ibm powervm_hypervisor fw950.e1
ibm powervm_hypervisor fw950.f0
ibm powervm_hypervisor fw1060.00
ibm powervm_hypervisor fw1060.10
ibm powervm_hypervisor fw1060.12
ibm powervm_hypervisor fw1060.20
ibm powervm_hypervisor fw1060.21
ibm powervm_hypervisor fw1060.40
ibm powervm_hypervisor fw1060.41
ibm powervm_hypervisor fw1060.50
ibm powervm_hypervisor fw1060.51
ibm powervm_hypervisor fw1110.00
ibm powervm_hypervisor fw1110.01
ibm powervm_hypervisor fw1110.03
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "632A24F5-C141-4C25-9EC7-45D2EAB42485",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9761698A-9082-40BB-8F55-317C88743317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "79E8EED1-9815-4855-817A-3AADADE7349C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CB10FCF-6B15-4A56-827F-201133821A39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B14954B-DF10-4245-A9CC-1D230DF4BD0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "B786DA7F-CDDF-42FF-88B9-CF7F87EDB413",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "E485A8B0-B757-463D-A39D-DD54D8B9991A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "376DE841-A509-43E6-8C7D-B2D797A8320B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "8148844C-CE2F-47DF-931D-4C645C8A6991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9634703-C057-493F-A06C-202296BDF95D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BD06A7C-90F4-4417-80D9-FFDF5575475A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78BA924-5621-437F-9736-9CDA49534333",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.a0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0ADB1F8-7422-4E3B-9E5E-211DB5342127",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.b0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A960A5D0-4BB3-4075-9D12-150CEA36FFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.c0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFE786C-F1F2-4473-B66E-E181BC44DA52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.c1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CBC82F4-731B-4171-A272-38D8DDE5DF32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.c2:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E44CA9-CB56-4583-9756-13E6410C1A22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.d0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE48A31D-9DFF-4CF1-9383-1DD7B30244C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.d1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB59886-C52E-4007-9591-A12162368461",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.e0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64CE106E-E157-4559-B9A4-D40BC46CB3EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.e1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D01DFA9-5E4B-471D-9EC7-AFD598F7E024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw950.f0:*:*:*:*:*:*:*",
              "matchCriteriaId": "86F8E3AD-FAE9-48BE-990D-F81A5092A042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "911607B1-E5D6-49D4-AA0C-474694B59FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D742B8BB-7672-405B-A367-7ECF984A645A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A328209-CF34-4EE6-8AAF-AE336081C3F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FDE0E8C-1488-4E37-9A26-32DE8AE97481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "2057DC3F-B929-4496-A19C-C9506153318F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "D395E59B-1470-4B61-B6F9-7256224A4B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4EEDC4-18A6-4B92-9DBF-2A2622089A3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CD4F341-EFBC-44D8-A396-86EA2C1D925A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1060.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "F432C112-51A5-4F85-9073-D7DC0EC651C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1110.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D6C052-6E19-49C2-8BA8-99233EF9C8E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1110.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E9EB5E-FB7A-4F54-958F-451568C9CA62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:powervm_hypervisor:fw1110.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "C35A539E-155C-4643-B43C-65FA91F2CBD9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 may expose a limited amount of data to a peer partition in specific shared processor configurations during certain operations."
    },
    {
      "lang": "es",
      "value": "IBM PowerVM Hypervisor FW1110.00 hasta FW1110.03, FW1060.00 hasta FW1060.51, y FW950.00 hasta FW950.F0 podr\u00edan exponer una cantidad limitada de datos a una partici\u00f3n par en configuraciones espec\u00edficas de procesador compartido durante ciertas operaciones."
    }
  ],
  "id": "CVE-2025-36194",
  "lastModified": "2026-02-19T14:46:37.653",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 2.8,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.1,
        "impactScore": 1.4,
        "source": "psirt@us.ibm.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-02-02T23:15:59.210",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ibm.com/support/pages/node/7257555"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1262"
        }
      ],
      "source": "psirt@us.ibm.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.