Wind River Support Network

HomeDefectsLIN1021-11152
Fixed

LIN1021-11152 : Security Advisory - openipmi - CVE-2024-42934

Created: Aug 29, 2024    Updated: Nov 15, 2024
Resolved Date: Nov 14, 2024
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or (with very low probability) authentication bypass or code execution.

https://nvd.nist.gov/vuln/detail/CVE-2024-42934

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube