Lucene search
K

84 matches found

ATTACKERKB
ATTACKERKB
added 3 days ago7 views

CVE-2026-54423

In OpenStack Ironic before 37.0.1, an Ironic user with the ability to deploy nodes using the IPMI management interface can maliciously use the sendraw step to send arbitrary IPMI commands to a node, bypassing Ironic's access control...

8.2CVSS6AI score0.00516EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 6 days ago5 views

freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client

A flaw was found in FreeIPMI. Specifically, the ipmi-oem client command, which implements Intelligent Platform Management Interface IPMI OEM commands, contains exploitable buffer overflows. A remote attacker could exploit these vulnerabilities by sending specially crafted response messages to the...

7.5CVSS6.1AI score0.00405EPSS
Exploits0References7
OSV
OSV
added 2026/06/19 2:13 p.m.2 views

SUSE-SU-2026:22243-1 Security update for freeipmi

This update for freeipmi fixes the following issue - CVE-2026-50031: denial of service via buffer overflow in ipmi-oem client bsc1267605...

7.5CVSS6AI score0.00405EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:6 a.m.7 views

ipmi: Add limits to event and receive message requests

...

7.5CVSS5.4AI score0.00501EPSS
Exploits0
OSV
OSV
added 2026/05/28 10:16 a.m.6 views

UBUNTU-CVE-2026-46108

In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/28 9:35 a.m.11 views

EUVD-2026-32887

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.8AI score0.00128EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:35 a.m.28 views

CVE-2026-46128

The CVE-2026-46128 issue concerns the Linux kernel IPMI event message handling. The root cause is an insufficiently validated event message buffer/data size occurring when fetching events, with some BMCs returning an empty message instead of an error. This leads to a potential failure in processi...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.37 views

CVE-2026-46108 ipmi:si: Return state to normal if message allocation fails

In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...

0.00123EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to promptly check the response data in the IPMI event message buffer. This could lead to...

5.8AI score0.00128EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-46044

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

5.5CVSS0.00123EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43911

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the ipmi:ssif component where a kernel thread kthread is not properly stopped if an error occurs after it...

5.5CVSS6AI score0.00123EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/26 4:7 a.m.11 views

Moderate: Red Hat Security Advisory: freeipmi security update

An update for freeipmi is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS6AI score0.00403EPSS
Exploits0References2
OSV
OSV
added 2026/05/26 12:0 a.m.11 views

ALSA-2026:20579 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

7.5CVSS6AI score0.00403EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipmi: Fixed UAF when uninstalling the ipmisi and ipmimsghandler modules Hi, During testing the installation and uninstallation of the ipmisi.ko and ipmimsghandler.ko modules, the system crashed. The log contains the following...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References2
OSV
OSV
added 2026/05/06 12:5 p.m.6 views

RLSA-2026:13515 Moderate: freeipmi security update

The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI specification. Security Fixes: freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 For more details about the security issues,...

8.8CVSS6AI score0.00403EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 11:28 a.m.19 views

CVE-2026-43221

CVE-2026-43221 affects Linux kernel IPMI/IPMB: the event handler responsible for IPMB read bytes may fail to initialize reads, causing an I2C read to return an uninitialised value from the bus driver. This is described across multiple advisories (Root-OS-UBUNTU-2404, SUSE, Red Hat) as a patchable...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.6 views

CVE-2026-23322

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix use-after-free and list corruption on sender error The analysis from Breno: When the SMI sender returns an error, smiwork delivers an error response but then jumps back to restart without cleaning up properly: 1...

7.8CVSS5.4AI score0.00124EPSS
Exploits0
EUVD
EUVD
added 2026/03/24 3:30 p.m.13 views

EUVD-2026-14899

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system...

7.5CVSS6.2AI score0.00403EPSS
Exploits0References5
OSV
OSV
added 2026/03/24 3:16 p.m.8 views

UBUNTU-CVE-2026-33554

ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

7.5CVSS5.8AI score0.00403EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘ipmi: fix msg stack when IPMI is disconnected’” This fix reverts to the previous behavior in commit c608966f3f9c2dca596967501d00753282b395fc. This patch contains a minor bug that can cause the IPMI driver to enter an...

5.8AI score0.00182EPSS
Exploits0References3
Rows per page
Query Builder