ALT-PU-2023-2333-1
Package ipmitool updated to version 1.8.19-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2020-03947
Уязвимость реализации функций read_fru_area(), read_fru_area_section(), ipmi_spd_print_fru(), ipmi_get_session_info(), ipmi_get_channel_cipher_suites() и get_lan_param_select() утилиты для управления и настройки устройств с поддержкой IPMI ipmitool, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2020-04640
Уязвимость функции read_fru_area_section (lib/ipmi_fru.c) утилиты для управления и настройки устройств с поддержкой IPMI ipmitool, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2020-5208
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.
- openSUSE-SU-2020:0247
- openSUSE-SU-2020:0247
- https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2
- https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2
- https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
- https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
- [debian-lts-announce] 20200209 [SECURITY] [DLA 2098-1] ipmitool security update
- [debian-lts-announce] 20200209 [SECURITY] [DLA 2098-1] ipmitool security update
- [debian-lts-announce] 20210630 [SECURITY] [DLA 2699-1] ipmitool security update
- [debian-lts-announce] 20210630 [SECURITY] [DLA 2699-1] ipmitool security update
- FEDORA-2020-eb0cf4d268
- FEDORA-2020-eb0cf4d268
- FEDORA-2020-92cc67ff5a
- FEDORA-2020-92cc67ff5a
- GLSA-202101-03
- GLSA-202101-03