CVE-2025-24332 Authenticated admin user can connect baseband internally from one board to another without needing to re-authentication

Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...

CVE-2025-24332 Authenticated admin user can connect baseband internally from one board to another without needing to re-authentication

Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing a single login to the baseband system board. The baseband does not re-authenticate the user when they connect from the baseband system board to the baseband capacity board...

CVE-2025-24332

Nokia Single RAN AirScale baseband prior to 23R4-SR 3.0 MP is affected. An authenticated administrative user can move laterally across baseband boards via the internal bsoc SSH over the baseband backplane, using an SSH private key on the baseband system board, without re-authentication. This effe...

kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c

A flaw was found in the Linux kernel's implementation of IPMI remote baseband access. An attacker, with local access to read /proc/ioports, may be able to create a use-after-free condition when the kernel module is unloaded which may result in privilege escalation...