CVE-2026-46177

HIGH

ipmi: Add limits to event and receive message requests

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ipmi: Add limits to event and receive message requests The driver would just fetch events and receive messages until the BMC said it was done. To avoid issues with BMCs that never say they are done, add a limit of 10 fetches at a time. In addition, an si interface has an attn state it can return from the hardware which is supposed to cause a flag fetch to see if the driver needs to fetch events or message or a few other things. If the attn bit gets stuck, it's a similar problem. So allow messages in between flag fetches so the driver itself doesn't get stuck. This is a more general fix than the previous fix for the specific bad BMC, but should fix the more general issue of a BMC that won't stop saying it has data. This has been there from the beginning of the driver. It's not a bug per-se, but it is accounting for bugs in BMCs.

Scores

CVSS v3 7.5
EPSS 0.0050
EPSS Percentile 39.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (29)
linux/Kernel 2.6.12 - 5.10.258linux
linux/Kernel 5.11.0 - 5.15.209linux
linux/Kernel 5.16.0 - 6.1.175linux
linux/Kernel 6.13.0 - 6.18.30linux
linux/Kernel 6.19.0 - 7.0.7linux
linux/Kernel 6.2.0 - 6.6.140linux
linux/Kernel 6.7.0 - 6.12.88linux
Linux/Linux < 2.6.12
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 112df8e631636cafda64dcee4561daf09ce74a4a
Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 304b56883b7eff73eb606c35d062c8101aaf5471
... and 19 more
Published May 28, 2026
Tracked Since May 28, 2026