freeipmi-1.6.18-1.el8_10
エラータID: AXSA:2026-1225:03
Release date:
Thursday, July 9, 2026 - 13:59
Subject:
freeipmi-1.6.18-1.el8_10
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The freeipmi packages contain an Intelligent Platform Management Interface (IPMI) remote console and system management software based on the IPMI specification.
Security Fix(es):
* freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client (CVE-2026-50031)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-50031
Solution:
Update packages.
CVEs:
CVE-2026-50031
ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.
ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.
Additional Info:
N/A
Download:
SRPMS
- freeipmi-1.6.18-1.el8_10.src.rpm
MD5: 1f891c4c533667288240faef8da3dc6e
SHA-256: d7ee7e2409cd59e677c8e8df37840a3addd6ad96fda6fb7121dd07e4a5bc09ac
Size: 3.31 MB
Asianux Server 8 for x86_64
- freeipmi-1.6.18-1.el8_10.i686.rpm
MD5: 0c54fde241633d3898067d2edfa7a913
SHA-256: 524fdf44376f68ae77e186003f50b477a13759eefda06335b4b0a3a4ff6aad25
Size: 2.04 MB - freeipmi-1.6.18-1.el8_10.x86_64.rpm
MD5: a044441c19f503e8910839638bd6ae41
SHA-256: af146150302adce536d2e447c52df9df3913ba4f7d2f21baa01141f96ddedd83
Size: 2.09 MB - freeipmi-bmc-watchdog-1.6.18-1.el8_10.x86_64.rpm
MD5: 11bbcd3efc3b82394a335f4084f0465a
SHA-256: cf4a77a56dcf3f3014289f0a85d01b8227beb1d0d30e8c03da1c8f24bc3993e0
Size: 82.99 kB - freeipmi-devel-1.6.18-1.el8_10.i686.rpm
MD5: 4c372902114b09e039f51d24a6a40b90
SHA-256: a688c1764b4de06baacbfcca6d5fcb29c6a7117c34065f3ff1ab0e7199900eb2
Size: 267.27 kB - freeipmi-devel-1.6.18-1.el8_10.x86_64.rpm
MD5: a4f132975771bc1bd96bcb4105bd6c80
SHA-256: 76482ba48851d85fc649009b23fcbdb13f796f0fc7fe916363af0a0606d84b0a
Size: 267.29 kB - freeipmi-ipmidetectd-1.6.18-1.el8_10.x86_64.rpm
MD5: 9c5fff9ae9a84bd8b533232dd24bf9be
SHA-256: 2f4a115389a2f9ed60509c50ebb0c60c7e98b1d3d9b375c1cabc869591e29a97
Size: 58.80 kB - freeipmi-ipmiseld-1.6.18-1.el8_10.x86_64.rpm
MD5: c3fdbd2ef06147536d39d9a7727b0f9c
SHA-256: dc7bd3f871e9dac43dd63c2ebcb6b2eee500cf57c759526505a410fefab2f0fa
Size: 124.55 kB