291 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipmi: Fixed use-after-free and list corruption on sender errors According to the analysis by Breno: When the SMI sender returns an error, smiwork delivers an error response but then jumps back to restart without properly cleaning...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipmi:ipmb: Fixed the refcount leak in ipmiipmbprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added ofnodeput to prevent the refcount leak from occurrin...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ipmi: Fixed UAF when uninstalling the ipmisi and ipmimsghandler modules Hi, During testing the installation and uninstallation of the ipmisi.ko and ipmimsghandler.ko modules, the system crashed. The log contains the following...
CVE-2025-29936
Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...
CVE-2025-48520
An improper input validation vulnerability within the AMD Platform Management Framework PMF driver can allow a local attacker to read Out-of-Bounds potentially resulting in information disclosure or a crash...
CVE-2025-48513
Use of uninitialized resource within the AMD Platform Management Framework PMF could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability...
CVE-2025-0028
An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability...
CVE-2026-50031
ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...
Linux Distros Unpatched Vulnerability : CVE-2026-50031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defin...
freeipmi security update
An update is available for freeipmi. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The freeipmi packages contain an Intelligent Platform Management Interface...
ipmi: Add limits to event and receive message requests
...
ipmi: Check event message buffer response for bad data
...
SUSE CVE-2026-46128
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...
RLSA-2026:20579 Moderate: freeipmi security update
The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...
Linux Distros Unpatched Vulnerability : CVE-2026-46128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after t...
CVE-2026-46108
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI System Interface SI driver. This vulnerability occurs when the driver fails to return to a normal operational state after a message allocation failure. This improper state handling can lead to the driver not...
CVE-2026-46177
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI driver. This vulnerability allows a malfunctioning Baseboard Management Controller BMC to cause the IPMI driver to continuously fetch events and messages, or become stuck if the attention bit remains active. Thi...
EUVD-2026-32867
In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...
CVE-2026-46177
In the Linux kernel, the following vulnerability has been resolved: ipmi: Add limits to event and receive message requests The driver would just fetch events and receive messages until the BMC said it was done. To avoid issues with BMCs that never say they are done, add a limit of 10 fetches at a...
UBUNTU-CVE-2026-46108
In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...