CVE-2026-50031

Published: Giu 03, 2026 Last Modified: Giu 03, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands 'ipmi-oem dell get-active-directory-config' and 'ipmi-oem fujitsu get-sel-entry-long-text' were found to have exploitable buffer overflows on response messages.

121

Stack-based Buffer Overflow

Draft
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality Access Control Other
Potential Impacts:
Modify Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Other
Applicable Platforms
Languages: Memory-Unsafe, C, C++
Likelihood of Exploit: High
View CWE Details
https://lists.gnu.org/archive/html/info-gnu/2026-06/msg0000…
https://lists.gnu.org/archive/html/info-gnu/2026-06/msg00000.html
https://savannah.gnu.org/bugs/index.php?68363
https://savannah.gnu.org/bugs/index.php?68363
https://savannah.gnu.org/bugs/index.php?68364
https://savannah.gnu.org/bugs/index.php?68364