Advisories » MGASA-2020-0097

Updated ipmitool packages fix security vulnerability

Publication date: 24 Feb 2020
Modification date: 24 Feb 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-5208

Description

Updated ipmitool package fix security vulnerability:

Christopher Ertl found that multiple functions in ipmitool neglect proper
checking of the data received from a remote LAN party, which may lead to
buffer overflows and potentially to remote code execution on the ipmitool
side (CVE-2020-5208).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26218
• https://www.debian.org/lts/security/2020/dla-2098
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5208

SRPMS

7/core

• ipmitool-1.8.18-3.1.mga7