CVE-2026-23322Linux vulnerability

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 94.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix use-after-free and list corruption on sender error The analysis from Breno: When the SMI sender returns an error, smi_work() delivers an error response but then jumps back to restart without cleaning up properly: 1. intf->curr_msg is not cleared, so no new message is pulled 2. newmsg still points to the message, causing sender() to be called again with the same message 3. If sender() fails again, deliver_err_respon

Affected Packages4 packages

Linuxlinux/linux_kernel6.18.06.18.17+1
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux9cf93a8fa9513c6d3cc65bdd50e05c1355cef322c08ec55617cb9674a060a3392ea08391ab2a4f74+3
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
GHSA
GHSA-668m-q5h4-jfjc: In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix use-after-free and list corruption on sender error The analysis from B2026-03-25
OSV
ipmi: Fix use-after-free and list corruption on sender error2026-03-25
OSV
CVE-2026-23322: In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix use-after-free and list corruption on sender error The analysis from Bre2026-03-25

📋Vendor Advisories

2
Red Hat
kernel: ipmi: Fix use-after-free and list corruption on sender error2026-03-25
Debian
CVE-2026-23322: linux - In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix u...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23322 Impact, Exploitability, and Mitigation Steps | Wiz