CVE-2023-30440

HIGH Year: 2023
CVSS v3 Score
7.9
High
Weakness Type
CWE-20
View all →

Vulnerability Description

IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function (VF) to cause a denial of service to a peer partition or arbitrary data corruption. IBM X-Force ID: 253175.

Related Vulnerabilities

CVE-2016-9379

HIGH
CVSS:7.9(High)

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes ...

CWE-202016

CVE-2022-42269

HIGH
CVSS:7.9(High)

NVIDIA Trusted OS contains a vulnerability in an SMC call handler, where failure to validate untrusted input may allow a highly privileged local attacker to cause information disclosure and compromise...

CWE-202022

CVE-2023-45745

HIGH
CVSS:7.9(High)

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.

CWE-202023

CVE-2024-21978

HIGH
CVSS:7.9(High)

Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.

CWE-202024

CVE-2024-52880

HIGH
CVSS:7.9(High)

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 b...

CWE-202024

CVE-2025-20032

HIGH
CVSS:7.9(High)

Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to potentially enable denial of service via local access.

CWE-202025