CVE-2026-46128
Awaiting Analysis Awaiting Analysis - Queue
IPMI Event Message Buffer Response Validation Flaw

Publication date: 2026-05-28

Last updated on: 2026-06-01

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty message instead of an error when fetching events. There are apparently some new BMCs that make this error, so we need to compensate.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-28
Last Modified
2026-06-01
Generated
2026-06-17
AI Q&A
2026-05-28
EPSS Evaluated
2026-06-16
NVD
CVE-2026-46128
EUVD
EUVD-2026-32887
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's IPMI (Intelligent Platform Management Interface) implementation. It involves improper checking of the event message buffer response data size. Specifically, the size of the response data was only checked later during processing, rather than immediately after receiving the response. Some Baseboard Management Controllers (BMCs) may return an empty message instead of an error when fetching events, which could lead to issues if not properly handled.

Impact Analysis

If the Linux kernel does not properly check the event message buffer response immediately, it may process bad or empty data from certain BMCs. This could potentially lead to incorrect event handling or system instability related to IPMI event processing.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46128. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart