4.5
CVE-2025-0986
- EPSS 0.03%
- Veröffentlicht 28.03.2025 13:21:05
- Zuletzt bearbeitet 18.08.2025 19:46:43
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM PowerVM Hypervisor data manipulation
IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Powervm Hypervisor Version >= fw1050.00 <= fw1050.30
Ibm ≫ Powervm Hypervisor Version >= fw1060.00 <= fw1060.20
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.092 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 1.8 | 2.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
|
| psirt@us.ibm.com | 4.5 | 1.4 | 2.7 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
|
CWE-409 Improper Handling of Highly Compressed Data (Data Amplification)
The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.