Linux Kernel IPMI IPMB Event Handler Initialization Vulnerability

Vulnerability

A vulnerability exists in the Linux kernel's IPMI IPMB event handler: the handler does not initialize a value before an I2C read. As a result, an I2C read can return an uninitialized value from the bus driver. IPMB does not use I2C reads, but the event handler still needs to set a value for them.
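The handler behaviour described above can be modelled in user space. The C program below is an added example, not code from the kernel or from this advisory: the event names follow enum i2c_slave_event in <linux/i2c.h>, while the function names, the stale byte 0xA5 and the fill value 0xFF are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Event names mirror enum i2c_slave_event in <linux/i2c.h>. */
enum i2c_slave_event {
    I2C_SLAVE_READ_REQUESTED, I2C_SLAVE_WRITE_REQUESTED,
    I2C_SLAVE_READ_PROCESSED, I2C_SLAVE_WRITE_RECEIVED, I2C_SLAVE_STOP,
};
typedef int (*slave_cb_t)(enum i2c_slave_event ev, uint8_t *val);

#define STALE_BYTE 0xA5 /* constructed: stands in for leftover driver memory */
#define IDLE_BYTE  0xFF /* assumption: fill value chosen for this example */

static uint8_t rx_buf[32];  /* IPMB traffic arrives as I2C writes */
static unsigned int rx_len;

/* Before: only writes are handled, so a read event leaves *val untouched. */
static int slave_cb_before(enum i2c_slave_event ev, uint8_t *val)
{
    if (ev == I2C_SLAVE_WRITE_RECEIVED && rx_len < sizeof(rx_buf))
        rx_buf[rx_len++] = *val;
    return 0;
}

/* After: reads are still unused by IPMB, but the byte is always defined. */
static int slave_cb_after(enum i2c_slave_event ev, uint8_t *val)
{
    if (ev == I2C_SLAVE_READ_REQUESTED || ev == I2C_SLAVE_READ_PROCESSED) {
        *val = IDLE_BYTE;
        return 0;
    }
    return slave_cb_before(ev, val);
}

/* Hypothetical bus driver: returns the byte it would put on the wire. */
static uint8_t bus_read_byte(slave_cb_t cb)
{
    uint8_t val = STALE_BYTE; /* models an uninitialised local, deterministically */
    cb(I2C_SLAVE_READ_REQUESTED, &val);
    return val;
}

int main(void)
{
    printf("before: 0x%02X\n", bus_read_byte(slave_cb_before));
    printf("after:  0x%02X\n", bus_read_byte(slave_cb_after));
    return 0;
}
```

The same check works as a regression test for any I2C slave callback: pre-fill the value with a known pattern, deliver a read event, and fail if the pattern survives.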

Impact

The vulnerability can cause the I2C read operation to return an uninitialized value, potentially leading to undefined behavior or incorrect data being processed.

Reproduction

The vulnerability can be reproduced by configuring IPMI over IPMB and initiating an I2C read request. Without the proper initialization in the event handler, the read will return an uninitialized value, demonstrating the vulnerability.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: May 6, 2026, 1:49 PM
Updated: May 6, 2026, 1:49 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 7.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.