CVE-2026-46128
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/05/2026
Last modified:
28/05/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ipmi: Check event message buffer response for bad data<br />
<br />
The event message buffer response data size got checked later when<br />
processing, but check it right after the response comes back. It<br />
appears some BMCs may return an empty message instead of an error<br />
when fetching events.<br />
<br />
There are apparently some new BMCs that make this error, so we need to<br />
compensate.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/2418e4b21fb1355504d095da5d5f0a210564a43d
- https://git.kernel.org/stable/c/24269264c3d59a49eb09b10af2c75b14f2931482
- https://git.kernel.org/stable/c/36920f30e78e69df01f9691c470b6f3ba8aebf98
- https://git.kernel.org/stable/c/42432b579a594b66ac32e5e7b7c26e6bc578ec89
- https://git.kernel.org/stable/c/7f7ada72c07a83b46045ddfeee526bd9e2e3c8f0