Security Advisory Description
In OpenBMC 2.9, crafted IPMI messages allow an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface.
In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass authentication and gain full control of the system.
Uncaught exception in webserver for the Integrated BMC in some Intel® platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access.
Improper input validation in firmware for OpenBMC in some Intel® platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.
Out of bounds read in firmware for OpenBMC in some Intel® platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.
Impact
There is no impact; F5 products are not affected by these vulnerabilities.