
Rewterz Threat Advisory – Multiple IBM PowerVM Hypervisor Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2021-38937

IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call.

CVE-2021-38917

IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker who gains service access to the FSP to read and write arbitrary host system memory through a series of carefully crafted service procedures.

Impact

  • Denial of Service
  • Security Bypass

Affected Vendors

IBM

Affected Products

  • IBM PowerVM Hypervisor FW940
  • IBM PowerVM Hypervisor FW950
  • IBM PowerVM Hypervisor FW1010

Remediation

Refer to the IBM Security Advisories below for patch, upgrade, or suggested workaround information.

CVE-2021-38937 

https://www.ibm.com/support/pages/node/6525014

CVE-2021-38917

https://www.ibm.com/support/pages/node/6525010