CVE-2025-0986 MEDIUM

CVE-2025-0986: IBM PowerVM Hypervisor data manipulation

Vendor Ibm
Product PowerVM Hypervisor
Weakness CWE-409
Published March 28, 2025
Last update September 1, 2025

CVSS base score

4.5/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

What the vulnerability does

01Description

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration.

Key dates

02Disclosure timeline

March 28, 2025 CVE published
September 1, 2025 Record updated