Lucene search
+L

89 matches found

osv
osv
added 3 days ago5 views

RLSA-2026:36211 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client CVE-2026-50031 For more details about the...

7.5CVSS6.2AI score0.00405EPSS
Exploits0References2
redhat
redhat
added 3 days ago8 views

freeipmi: buffer overflows on response messages via ipmi-oem

A flaw was found in FreeIPMI. The ipmi-oem program is used to send Intelligent Platform Management Interface IPMI OEM commands for specific hardware vendors to retrieve specific information from the hardware. A malicious server can reply with crafted response messages and cause buffer overflows...

7.5CVSS6.1AI score0.00403EPSS
Exploits0References8
attackerkb
attackerkb
added 6 days ago7 views

CVE-2026-54423

In OpenStack Ironic before 37.0.1, an Ironic user with the ability to deploy nodes using the IPMI management interface can maliciously use the sendraw step to send arbitrary IPMI commands to a node, bypassing Ironic's access control...

8.2CVSS6AI score0.00516EPSS
Exploits0References3Affected Software1
redhat
redhat
added 2026/07/07 2:33 p.m.5 views

freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client

A flaw was found in FreeIPMI. Specifically, the ipmi-oem client command, which implements Intelligent Platform Management Interface IPMI OEM commands, contains exploitable buffer overflows. A remote attacker could exploit these vulnerabilities by sending specially crafted response messages to the...

7.5CVSS6.1AI score0.00405EPSS
Exploits0References7
osv
osv
added 2026/07/07 12:0 a.m.3 views

ALSA-2026:36307 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client CVE-2026-50031 For more details about the...

7.5CVSS6.2AI score0.00405EPSS
Exploits0References4
osv
osv
added 2026/07/07 12:0 a.m.3 views

ALSA-2026:36211 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client CVE-2026-50031 For more details about the...

7.5CVSS6.2AI score0.00405EPSS
Exploits0References4
osv
osv
added 2026/06/19 2:13 p.m.2 views

SUSE-SU-2026:22243-1 Security update for freeipmi

This update for freeipmi fixes the following issue - CVE-2026-50031: denial of service via buffer overflow in ipmi-oem client bsc1267605...

7.5CVSS6AI score0.00405EPSS
Exploits0References3
mscve
mscve
added 2026/05/29 8:6 a.m.8 views

ipmi: Add limits to event and receive message requests

...

7.5CVSS5.4AI score0.00501EPSS
Exploits0
osv
osv
added 2026/05/28 10:16 a.m.6 views

UBUNTU-CVE-2026-46108

In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8
osv
osv
added 2026/05/28 9:36 a.m.4 views

CVE-2026-46177 ipmi: Add limits to event and receive message requests

In the Linux kernel, the following vulnerability has been resolved: ipmi: Add limits to event and receive message requests The driver would just fetch events and receive messages until the BMC said it was done. To avoid issues with BMCs that never say they are done, add a limit of 10 fetches at a...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References11
cve
cve
added 2026/05/28 9:35 a.m.30 views

CVE-2026-46128

The CVE-2026-46128 issue concerns the Linux kernel IPMI event message handling. The root cause is an insufficiently validated event message buffer/data size occurring when fetching events, with some BMCs returning an empty message instead of an error. This leads to a potential failure in processi...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
euvd
euvd
added 2026/05/28 9:35 a.m.12 views

EUVD-2026-32887

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.8AI score0.00128EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/28 9:35 a.m.38 views

CVE-2026-46108 ipmi:si: Return state to normal if message allocation fails

In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...

0.00123EPSS
Exploits0References8
cnnvd
cnnvd
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to promptly check the response data in the IPMI event message buffer. This could lead to...

5.8AI score0.00128EPSS
Exploits0References5
nvd
nvd
added 2026/05/27 2:17 p.m.15 views

CVE-2026-46044

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

5.5CVSS0.00123EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/05/27 12:0 a.m.16 views

PT-2026-43911

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the ipmi:ssif component where a kernel thread kthread is not properly stopped if an error occurs after it...

5.5CVSS6AI score0.00123EPSS
Exploits0
redhat
redhat
added 2026/05/26 4:7 a.m.12 views

Moderate: Red Hat Security Advisory: freeipmi security update

An update for freeipmi is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS6AI score0.00403EPSS
Exploits0References2
osv
osv
added 2026/05/26 12:0 a.m.11 views

ALSA-2026:20579 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

7.5CVSS6AI score0.00403EPSS
Exploits0References4
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipmi: Fixed UAF when uninstalling the ipmisi and ipmimsghandler modules Hi, During testing the installation and uninstallation of the ipmisi.ko and ipmimsghandler.ko modules, the system crashed. The log contains the following...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References2
osv
osv
added 2026/05/06 12:5 p.m.6 views

RLSA-2026:13515 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

8.8CVSS6AI score0.00403EPSS
Exploits0References2
Rows per page
Query Builder