CVE-2026-46108 - Vulnerability Details

- ipmi:si: Return state to normal if message allocation fails

Description

In the Linux kernel, the following vulnerability has been resolved:

ipmi:si: Return state to normal if message allocation fails

There were places where nothing would get started if a message
allocation failed, so the driver needs to return to normal state.

Published: 2026-05-28

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

In the Linux kernel, the IPMI monitor interface lacks proper error recovery when a message allocation fails, leaving the driver in an unusable state. This can stall IPMI operations and degrade system stability, effectively causing a denial of service. The weakness is a failure to handle resource allocation errors.

Affected Systems

All Linux kernel distributions that ship the default IPMI driver are affected; the issue is present in the kernel's IPMI silicon interface, regardless of vendor or distribution.

Risk and Exploitability

The CVSS score is not available publicly. EPSS is not provided and the vulnerability is not listed in CISA KEV. Exploitation requires a kernel‑space memory allocation failure, which is unlikely to be triggered remotely without elevated privileges. The risk is considered moderate; systems should address the defect promptly.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< ce905b65e649eee378a0f37e8219f1d70efb3007
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 88881dc1da86064f479378bc9d0a4956c3d0bb12
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< bc13fce9eeec88c4950924754c3347c6dc66ff4c
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< ba60140d4133231b49185ac8bf6e54f318d3134e
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 09dd798270ff582d7309f285d4aaf5dbebae01cb

Linux

affected

Version	Status	Constraints
`2.6.12`	affected	—
`0`	unaffected	< 2.6.12
`6.6.140`	unaffected	≤ 6.6.*
`6.12.88`	unaffected	≤ 6.12.*
`6.18.30`	unaffected	≤ 6.18.*
`7.0.7`	unaffected	≤ 7.0.*
`7.1-rc3`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,ce905b65e649eee378a0f37e8219f1d70efb3007)`	affected	code_commit	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,88881dc1da86064f479378bc9d0a4956c3d0bb12)`	affected	code_commit	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,bc13fce9eeec88c4950924754c3347c6dc66ff4c)`	affected	code_commit	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,ba60140d4133231b49185ac8bf6e54f318d3134e)`	affected	code_commit	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,09dd798270ff582d7309f285d4aaf5dbebae01cb)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`2.6.12`	affected	semver	—
`[0,2.6.12)`	unaffected	semver	—
`[6.6.140,6.7.0)`	unaffected	semver	—
`[6.12.88,6.13.0)`	unaffected	semver	—
`[6.18.30,6.19.0)`	unaffected	semver	—
`[7.0.7,7.1.0)`	unaffected	semver	—
`[7.1-rc3,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade the Linux kernel to the latest stable release that incorporates the commits referenced in the advisory.
If an immediate kernel upgrade is not feasible, unload or disable the ipmi_si kernel module to stop IPMI activity until the patch is applied.
Restrict or block network traffic destined for the IPMI service, for example using firewall rules, to prevent management traffic from reaching the affected device during the mitigation period.

Generated by OpenCVE AI on May 28, 2026 at 12:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/09dd798270ff582d7309f285d4aaf5dbebae01cb
https://git.kernel.org/stable/c/88881dc1da86064f479378bc9d0a4956c3d0bb12
https://git.kernel.org/stable/c/ba60140d4133231b49185ac8bf6e54f318d3134e
https://git.kernel.org/stable/c/bc13fce9eeec88c4950924754c3347c6dc66ff4c
https://git.kernel.org/stable/c/ce905b65e649eee378a0f37e8219f1d70efb3007

History

Thu, 28 May 2026 12:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-775

Thu, 28 May 2026 10:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state.
Title		ipmi:si: Return state to normal if message allocation fails
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/09dd798270ff582d7309f285d4aaf5dbebae01cb https://git.kernel.org/stable/c/88881dc1da86064f479378bc9d0a4956c3d0bb12 https://git.kernel.org/stable/c/ba60140d4133231b49185ac8bf6e54f318d3134e https://git.kernel.org/stable/c/bc13fce9eeec88c4950924754c3347c6dc66ff4c https://git.kernel.org/stable/c/ce905b65e649eee378a0f37e8219f1d70efb3007

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-28T09:35:14.978Z

Updated: 2026-05-28T09:35:14.978Z

Reserved: 2026-05-13T15:03:33.098Z

Link: CVE-2026-46108

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-28T10:16:26.190

Modified: 2026-05-28T13:44:01.663

Link: CVE-2026-46108

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-28T12:30:16Z

Weaknesses

CWE-775

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object