PatchSiren

CVE-2026-46108 Linux CVE debrief

A state management vulnerability in the Linux kernel's IPMI System Interface (SI) driver could cause the driver to become unresponsive when message allocation fails. The flaw occurs because the driver fails to return to a normal operational state after certain message allocation failures, leaving the IPMI interface stalled. The fix ensures proper state recovery to maintain driver availability.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-28
Advisory published: 2026-05-28
Advisory updated: 2026-05-28

Who should care

System administrators managing servers with IPMI BMC interfaces; Linux kernel maintainers; organizations relying on out-of-band server management capabilities

Technical summary

The IPMI System Interface (SI) driver in the Linux kernel contains a state management defect: when message allocation fails, the driver is not returned to its normal operational state. This can leave the driver stalled and unresponsive. The vulnerability is triggered when memory allocation for IPMI messages fails under resource pressure or error conditions. The resolution adds state restoration logic so that the driver recovers to its normal state after allocation failures, maintaining interface availability.
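
A simplified user-space model of the failure mode described above, added here as an illustration; it is not the kernel driver's code, and every name in it (`intf_state`, `start_txn`, `served_after_failure`, the `restore_on_fail` switch) is hypothetical. It assumes the interface leaves its normal state before the message buffer is allocated, so a failed allocation without recovery blocks every later request even after memory is available again.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model, not kernel code: two states are enough to show the stall. */
enum intf_state { ST_NORMAL, ST_BUSY };
struct intf {
    enum intf_state state;
    bool fail_alloc;   /* simulates memory pressure */
    void *cur_msg;
};

/* Returns 0 when started, -1 when not in ST_NORMAL, -2 when allocation failed. */
static int start_txn(struct intf *i, bool restore_on_fail)
{
    if (i->state != ST_NORMAL)
        return -1;
    i->state = ST_BUSY;   /* assumption: state changes before allocation */
    i->cur_msg = i->fail_alloc ? NULL : malloc(64);
    if (i->cur_msg == NULL) {
        if (restore_on_fail)
            i->state = ST_NORMAL;   /* the recovery step the fix describes */
        return -2;
    }
    return 0;
}

/* One allocation fails, then memory recovers; count how many of n later requests are served. */
int served_after_failure(bool restore_on_fail, int n)
{
    struct intf i = { ST_NORMAL, true, NULL };
    int served = 0;
    start_txn(&i, restore_on_fail);   /* transient allocation failure */
    i.fail_alloc = false;             /* memory pressure is gone */
    for (int k = 0; k < n; k++) {
        if (start_txn(&i, restore_on_fail) != 0)
            continue;                 /* rejected: interface never left ST_BUSY */
        free(i.cur_msg);              /* transaction completes */
        i.state = ST_NORMAL;
        served++;
    }
    return served;
}

int main(void)
{
    printf("without recovery: %d of 5 served\n", served_after_failure(false, 5));
    printf("with recovery:    %d of 5 served\n", served_after_failure(true, 5));
    return 0;
}
```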

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates containing the referenced stable branch commits when available through distribution channels
  • Monitor IPMI SI driver functionality on systems where kernel updates cannot be immediately applied
  • Review system logs for IPMI-related stalls or unresponsiveness that may indicate trigger conditions

Evidence notes

The vulnerability description indicates that message allocation failures in the IPMI SI driver could leave the driver in a non-functional state without proper recovery. The fix adds state restoration to normal operational mode when allocation fails. Multiple stable kernel branch commits are referenced, indicating backports to supported kernel versions.

Official resources

2026-05-28