CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

CVE-2026-46128 ipmi: Check event message buffer response for bad data

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

CVE-2026-46044 ipmi:ssif: Clean up kthread on errors

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ipmi: fix use after free in ipmidestroyuser The intffree function frees the "intf" pointer so we cannot dereference it again on the next line...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013165)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013165 advisory. In the Linux kernel, the following vulnerability has been resolved: ipmisi: fix a memleak in trysmiinit Kmemleak reported the following leak info in trysmiinit:...

📄 Supermicro X8 Vulnerability Scanner

This code is a vulnerability scanner designed to scan for vulnerabilities in the Supermicro Onboard IPMI interface. The code checks for two known buffer overflow vulnerabilities. The checks are for older issues from 2013...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003748)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003748 advisory. An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003627 advisory. An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed,...

CVE-2023-54064

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssifinfofind sets info-adaptername if the adapter info came from SMBIOS, as it's not set in that case. However, this function can be called more than once...

EUVD-2025-150372

In the Linux kernel, the following vulnerability has been resolved: ipmi: Rework user message limit handling The limit on the number of user messages had a number of issues, improper counting in some cases and a use after free. Restructure how this is all done to handle more in the receive messag...

EUVD-2023-59997

In the Linux kernel, the following vulnerability has been resolved: netlink: fix potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e "netlink: disable IRQs for netlinklocktable" in netlinklocktable This patch...

CVE-2023-53611

In the Linux kernel, the following vulnerability has been resolved: ipmisi: fix a memleak in trysmiinit Kmemleak reported the following leak info in trysmiinit: unreferenced object 0xffff00018ecf9400 size 1024: comm "modprobe", pid 2707763, jiffies 4300851415 age 773.308s backtrace:...

CVE-2023-53611 ipmi_si: fix a memleak in try_smi_init()

In the Linux kernel, the following vulnerability has been resolved: ipmisi: fix a memleak in trysmiinit Kmemleak reported the following leak info in trysmiinit: unreferenced object 0xffff00018ecf9400 size 1024: comm "modprobe", pid 2707763, jiffies 4300851415 age 773.308s backtrace:...

PT-2025-46759

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel has a flaw in how user message limits are handled within the Intelligent Platform Management Interface IPMI. The existing implementation had issues with incorrect messag...

(Pwn2Own) QNAP QHora-322 IPMI Use of Weak Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IPMI interface. The issue results from the use of the WAN MAC addres...

Supermicro X9 Buffer Overflow Scanner

Supermicro X9 generation motherboards before SMT X9 317 overflow scanner that checks for two flaws that date back to 2013 related to IPMI. ============================================================================================================================================= | Title :...

PT-2021-8141 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.18.0.x86 64 46 and 47 Description: The vulnerability in the Linux kernel is related to a use-after-free UAF issue when uninstalling the ipmi si and ipmi msghandler modules. This can cause the system to crash. The issue...

Security Bulletin: IBM MQ Appliance is affected by an unauthorised access vulnerability (CVE-2019-4621)

Summary IBM MQ Appliance has addressed the following unauthorised access vulnerability. Vulnerability Details CVEID: CVE-2019-4621 DESCRIPTION: IBM DataPower Appliance and IBM MQ Appliance have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker...

DEBIAN-CVE-2019-11811

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed, related to drivers/char/ipmi/ipmisiintf.c, drivers/char/ipmi/ipmisimemio.c, and drivers/char/ipmi/ipmisiportio.c...

UBUNTU-CVE-2019-11811

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed, related to drivers/char/ipmi/ipmisiintf.c, drivers/char/ipmi/ipmisimemio.c, and drivers/char/ipmi/ipmisiportio.c...