CVE-2026-46128
MEDIUMipmi: Check event message buffer response for bad data
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty message instead of an error when fetching events. There are apparently some new BMCs that make this error, so we need to compensate.
References (8)
Core 8
Core References
Scores
CVSS v3
5.5
EPSS
0.0013
EPSS Percentile
2.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (29)
linux/Kernel
2.6.12 - 5.10.258linux
linux/Kernel
5.11.0 - 5.15.209linux
linux/Kernel
5.16.0 - 6.1.175linux
linux/Kernel
6.13.0 - 6.18.30linux
linux/Kernel
6.19.0 - 7.0.7linux
linux/Kernel
6.2.0 - 6.6.140linux
linux/Kernel
6.7.0 - 6.12.88linux
Linux/Linux
< 2.6.12
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 01f8387fa5b796f13cf50014c171f6da7abc46ea
Linux/Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 2418e4b21fb1355504d095da5d5f0a210564a43d
... and 19 more
Published
May 28, 2026
Tracked Since
May 28, 2026