ipmi: Add limits to event and receive message requests

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

ipmi: Add limits to event and receive message requests

The driver would just fetch events and receive messages until the
BMC said it was done. To avoid issues with BMCs that never say they are
done, add a limit of 10 fetches at a time.

In addition, an si interface has an attn state it can return from the
hardware which is supposed to cause a flag fetch to see if the driver
needs to fetch events or message or a few other things. If the attn
bit gets stuck, it's a similar problem. So allow messages in between
flag fetches so the driver itself doesn't get stuck.

This is a more general fix than the previous fix for the specific bad
BMC, but should fix the more general issue of a BMC that won't stop
saying it has data.

This has been there from the beginning of the driver. It's not a bug
per-se, but it is accounting for bugs in BMCs.

Basic Information

ID CVE-2026-46177

Source Linux

Published May 28, 2026 at 09:36

Modified May 30, 2026 at 10:48

Affected Product

Vendor Linux

Product Linux

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Affected Versions Linux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux Linux 2.6.12

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: Add limits to event and receive message requests\n\nThe driver would just fetch events and receive messages until the\nBMC said it was done.  To avoid issues with BMCs that never say they are\ndone, add a limit of 10 fetches at a time.\n\nIn addition, an si interface has an attn state it can return from the\nhardware which is supposed to cause a flag fetch to see if the driver\nneeds to fetch events or message or a few other things.  If the attn\nbit gets stuck, it's a similar problem.  So allow messages in between\nflag fetches so the driver itself doesn't get stuck.\n\nThis is a more general fix than the previous fix for the specific bad\nBMC, but should fix the more general issue of a BMC that won't stop\nsaying it has data.\n\nThis has been there from the beginning of the driver.  It's not a bug\nper-se, but it is accounting for bugs in BMCs.",
    "published": "2026-05-28T09:36:31.286Z",
    "modified": "2026-05-30T10:48:45.326Z",
    "type": "cve",
    "title": "ipmi: Add limits to event and receive message requests",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/67c44e0deba936d5edaebea356b4589eb43acb5c\nhttps://git.kernel.org/stable/c/e20212b431bef217d3886b86bbc90cc3ed00de68\nhttps://git.kernel.org/stable/c/3d37d2165df9504ea99d9e6181552dc4d2d1ab37\nhttps://git.kernel.org/stable/c/c024167fb00489baee08c72182ca2e7dc5fb9f20\nhttps://git.kernel.org/stable/c/c4cca236968683eb0d59abfb12d5c7e4d8514227",
    "id": "CVE-2026-46177",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\nLinux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\nLinux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\nLinux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\nLinux Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\nLinux Linux 2.6.12",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

ipmi: Add limits to event and receive message requests_CVE-2026-46177

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply