IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.

Project Subscriptions

Vendors Products
Powervm Novalink Subscribe
Advisories

No advisories yet.

Fixes

Solution

IBM strongly recommends addressing the vulnerability now by upgrading based on the table below. ProductVersionRemediationPowerVM Novalink 2.2.1.1 Update to pvm-novalink-2.2.1.1-260708 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html or Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html PowerVM Novalink 2.3.3 Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html


Workaround

No workaround given by the vendor.

History

Fri, 17 Jul 2026 18:45:00 +0000

Type Values Removed Values Added
Description IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
Title Vulnerabilities in IBM WebSphere Application affects IBM PowerVM Novalink.
First Time appeared Ibm
Ibm powervm Novalink
Weaknesses CWE-400
CPEs cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm powervm Novalink
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2026-07-17T18:26:10.326Z

Reserved: 2026-05-21T14:37:46.761Z

Link: CVE-2026-9171

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses