Description
In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Tested with "i2ctransfer -y 1 r10@0x34" where 0x34 is a mctp-i2c instance, now it returns all 0xff.
References (6)
Core 6
Core References
Scores
CVSS v3
5.5
EPSS
0.0016
EPSS Percentile
5.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (20)
linux/Kernel
5.18.0 - 6.1.165linux
linux/Kernel
6.13.0 - 6.18.14linux
linux/Kernel
6.19.0 - 6.19.4linux
linux/Kernel
6.2.0 - 6.6.128linux
linux/Kernel
6.7.0 - 6.12.75linux
Linux/Linux
< 5.18
Linux/Linux
5.18
Linux/Linux
6.1.165 - 6.1.*
Linux/Linux
6.12.75 - 6.12.*
Linux/Linux
6.18.14 - 6.18.*
... and 10 more
Published
May 27, 2026
Tracked Since
May 27, 2026