160 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipmi: Fixed use-after-free and list corruption on sender errors According to the analysis by Breno: When the SMI sender returns an error, smiwork delivers an error response but then jumps back to restart without properly cleaning...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipmi:ipmb: Fixed the refcount leak in ipmiipmbprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added ofnodeput to prevent the refcount leak from occurrin...
CVE-2026-50031
ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...
Linux Distros Unpatched Vulnerability : CVE-2026-50031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defin...
freeipmi security update
An update is available for freeipmi. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The freeipmi packages contain an Intelligent Platform Management Interface...
ipmi: Check event message buffer response for bad data
...
SUSE CVE-2026-46128
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...
RLSA-2026:20579 Moderate: freeipmi security update
The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...
Linux Distros Unpatched Vulnerability : CVE-2026-46128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after t...
CVE-2026-46108
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI System Interface SI driver. This vulnerability occurs when the driver fails to return to a normal operational state after a message allocation failure. This improper state handling can lead to the driver not...
CVE-2026-46128
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI subsystem. This vulnerability occurs when the kernel processes event message buffer responses from Baseboard Management Controllers BMCs. Some BMCs may return an empty message instead of an expected error, which...
CVE-2026-46177
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI driver. This vulnerability allows a malfunctioning Baseboard Management Controller BMC to cause the IPMI driver to continuously fetch events and messages, or become stuck if the attention bit remains active. Thi...
EUVD-2026-32867
In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...
CVE-2026-46177
In the Linux kernel, the following vulnerability has been resolved: ipmi: Add limits to event and receive message requests The driver would just fetch events and receive messages until the BMC said it was done. To avoid issues with BMCs that never say they are done, add a limit of 10 fetches at a...
UBUNTU-CVE-2026-46128
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...
CVE-2026-46177 ipmi: Add limits to event and receive message requests
In the Linux kernel, the following vulnerability has been resolved: ipmi: Add limits to event and receive message requests The driver would just fetch events and receive messages until the BMC said it was done. To avoid issues with BMCs that never say they are done, add a limit of 10 fetches at a...
CVE-2026-46128
The CVE-2026-46128 issue concerns the Linux kernel IPMI event message handling. The root cause is an insufficiently validated event message buffer/data size occurring when fetching events, with some BMCs returning an empty message instead of an error. This leads to a potential failure in processi...
CVE-2026-46128
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...
CVE-2026-46108
In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...
CVE-2026-46108
In the Linux kernel, CVE-2026-46108 affects the ipmi:si path where a failure to allocate a message could leave the driver in a bad state. The root cause is insufficiently returning to normal operation after allocation fails, which can impact availability (local access, low privileges). The vulner...