UBUNTU-CVE-2026-46108

In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...

EUVD-2026-32887

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

CVE-2026-46128

The CVE covers a Linux kernel IPMI issue where event message buffer data size was only validated later in processing instead of immediately after the response. Some BMCs may return an empty message rather than signaling an error when fetching events. The available connected documents indicate thi...

CVE-2026-46108 ipmi:si: Return state to normal if message allocation fails

In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to promptly check the response data in the IPMI event message buffer. This could lead to...

CVE-2026-46044

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

PT-2026-43911

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the ipmi:ssif component where a kernel thread kthread is not properly stopped if an error occurs after it...

Moderate: Red Hat Security Advisory: freeipmi security update

An update for freeipmi is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

ALSA-2026:20579 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘ipmi: fix msg stack when IPMI is disconnected’” This change is reflected in the commit c608966f3f9c2dca596967501d00753282b395fc. This patch contains a subtle bug that can cause the IPMI driver to enter an infinite loop i...

RLSA-2026:13515 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

CVE-2026-43221

CVE-2026-43221 affects Linux kernel IPMI/IPMB: the event handler responsible for IPMB read bytes may fail to initialize reads, causing an I2C read to return an uninitialised value from the bus driver. This is described across multiple advisories (Root-OS-UBUNTU-2404, SUSE, Red Hat) as a patchable...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipmi: Fixed UAF when uninstalling the ipmisi and ipmimsghandler modules Hi, During testing the installation and uninstallation of the ipmisi.ko and ipmimsghandler.ko modules, the system crashed. The log message is as follows:...

CVE-2026-23322

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix use-after-free and list corruption on sender error The analysis from Breno: When the SMI sender returns an error, smiwork delivers an error response but then jumps back to restart without cleaning up properly: 1...

EUVD-2026-14899

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system...

UBUNTU-CVE-2026-33554

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000317 advisory. In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmimsghandler.c use-after- free and OOPS by arranging for certain simultaneous executio...

EUVD-2022-55728

In the Linux kernel, the following vulnerability has been resolved: ipmi: fix use after free in ipmidestroyuser The intffree function frees the "intf" pointer so we cannot dereference it again on the next line...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in ipmidestroyuser...

TencentOS Server 4: OpenIPMI (TSSA-2024:0414)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0414 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...