USN-5997-1: IPMItool vulnerability
4 April 2023
IPMItool could be made to crash or run programs if it received specially crafted input.
Releases
Packages
- ipmitool - utility for IPMI control with kernel driver or LAN interface (dae
Details
It was discovered that IPMItool was not properly checking the data received
from a remote LAN party. A remote attacker could possibly use this issue to
to cause a crash or arbitrary code execution.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04
Ubuntu 18.04
Ubuntu 16.04
-
ipmitool
-
1.8.16-3ubuntu0.2+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.