Skip to main content

Linux Kernel CVE-2026-46108

| EUVDEUVD-2026-32867 MEDIUM
2026-05-28 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-49qj-cwh3-6453
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
5.5 MEDIUM

Local access with low privileges required to trigger IPMI allocation failure; no confidentiality or integrity impact, only availability loss confined to the IPMI subsystem.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 25, 2026 - 21:40 vuln.today
CVSS changed
Jun 25, 2026 - 21:22 NVD
5.5 (MEDIUM)
Patch available
May 28, 2026 - 12:31 EUVD
CVE Published
May 28, 2026 - 10:16 nvd
MEDIUM 5.5
CVE Published
May 28, 2026 - 10:16 nvd
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

ipmi:si: Return state to normal if message allocation fails

There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state.

AnalysisAI

Denial of service in the Linux kernel's IPMI SI (System Interface) driver results from improper state machine recovery when message allocation fails, leaving the driver stuck in a non-normal state and rendering the IPMI subsystem non-functional. Locally authenticated users with low privileges on affected systems with an active ipmi_si module can trigger this condition, typically under memory-pressure scenarios. No public exploit has been identified at time of analysis; EPSS at 0.02% (5th percentile) confirms negligible exploitation interest, and patches are available across multiple stable kernel branches.

Technical ContextAI

IPMI (Intelligent Platform Management Interface) is a standardized hardware management interface used for out-of-band server health monitoring, event logging, and remote management. The ipmi_si kernel driver implements the System Interface layer, handling communication between the Linux kernel and IPMI controllers via protocols such as KCS (Keyboard Controller Style), SMIC, or BT (Block Transfer) through a state machine. The vulnerability arises from incomplete error handling in message processing paths: when an allocation function (e.g., alloc_msg) fails, certain code paths exit without executing the state-restoration logic required to return the driver's state machine to its idle/normal state. This matches the general defect class of CWE-703 (Improper Check or Handling of Exceptional Conditions) or CWE-459 (Incomplete Cleanup), though no formal CWE is assigned in the NVD record. CPE data (cpe:2.3:o:linux:linux_kernel:2.6.12) and EUVD version ranges indicate this latent defect has existed since at least Linux 2.6.12 (circa 2005).

RemediationAI

The primary fix is to upgrade to a patched Linux kernel: 6.6.140, 6.12.88, 6.18.30, 7.0.7, or 7.1-rc3 (or any subsequent release in those branches). For distributions maintaining their own kernel packages (RHEL, Debian, Ubuntu, SUSE), apply vendor-provided kernel updates once backports are released. For systems where an immediate kernel upgrade is not feasible, restricting unprivileged user access to IPMI interfaces (e.g., via file permissions on /dev/ipmi* or removing ipmi_si from loaded modules if IPMI is not operationally required) reduces the attack surface, though the trade-off is loss of IPMI SI functionality. Monitoring kernel logs (dmesg | grep ipmi) for state anomalies can help detect if the condition has been triggered in production. Patch commits are directly available at https://git.kernel.org/stable/c/ for teams performing manual backports.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise Desktop 15 SP7 Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Affected

Share

CVE-2026-46108 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy