Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-46177

Gravedad CVSS v3.1:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
28/05/2026
Última modificación:
10/06/2026

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ipmi: Add limits to event and receive message requests<br /> <br /> The driver would just fetch events and receive messages until the<br /> BMC said it was done. To avoid issues with BMCs that never say they are<br /> done, add a limit of 10 fetches at a time.<br /> <br /> In addition, an si interface has an attn state it can return from the<br /> hardware which is supposed to cause a flag fetch to see if the driver<br /> needs to fetch events or message or a few other things. If the attn<br /> bit gets stuck, it&amp;#39;s a similar problem. So allow messages in between<br /> flag fetches so the driver itself doesn&amp;#39;t get stuck.<br /> <br /> This is a more general fix than the previous fix for the specific bad<br /> BMC, but should fix the more general issue of a BMC that won&amp;#39;t stop<br /> saying it has data.<br /> <br /> This has been there from the beginning of the driver. It&amp;#39;s not a bug<br /> per-se, but it is accounting for bugs in BMCs.

Productos y versiones vulnerables

CPE Desde Hasta
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 2.6.12.1 (incluyendo) 5.10.258 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.11 (incluyendo) 5.15.209 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 (incluyendo) 6.1.175 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (incluyendo) 6.6.140 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (incluyendo) 6.12.88 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.13 (incluyendo) 6.18.30 (excluyendo)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.19 (incluyendo) 7.0.7 (excluyendo)
cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*