Linux Kernel IPMI Driver Message Allocation Failure Normalization Vulnerability

A vulnerability in the Linux kernel's IPMI driver has been addressed. The issue arose in the IPMI subsystem, specifically within the 'ipmi_si' interface, where the driver failed to properly manage its state following a message allocation failure. This oversight could prevent the driver from initiating necessary operations. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability could lead to improper driver behavior, where the IPMI interface does not recover correctly from message allocation failures, potentially causing communication issues with the system management hardware.

Reproduction

The vulnerability can be reproduced by inducing a message allocation failure in the IPMI driver. This can be done by configuring the driver to handle messages or events, but then causing the allocation process to fail, such as by exhausting available resources. Once the allocation fails, the driver should ideally return to a normal state, but in this case, it does not, leading to the vulnerability.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.