Vulnerability-Lookup

GHSA-9G3M-JQ99-WVQP

Vulnerability from github – Published: 2026-05-27 15:33 – Updated: 2026-05-27 15:33

Details

In the Linux kernel, the following vulnerability has been resolved:

ipmi:ssif: Clean up kthread on errors

If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped.

So make sure the kthread is stopped on an error condition if it is running.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-46044"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-27T14:17:23Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi:ssif: Clean up kthread on errors\n\nIf an error occurs after the ssif kthread is created, but before the\nmain IPMI code starts the ssif interface, the ssif kthread will not\nbe stopped.\n\nSo make sure the kthread is stopped on an error condition if it is\nrunning.",
  "id": "GHSA-9g3m-jq99-wvqp",
  "modified": "2026-05-27T15:33:22Z",
  "published": "2026-05-27T15:33:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46044"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/75c486cb1bcaa1a3ec3a6438498176a3a4998ae4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/800febc637d1c1974b1e899dea8a07e115d60766"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/858bc8b9edb6eaf0522900128bb9053e2df6b0f6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2026-46044 (GCVE-0-2026-46044)

Vulnerability from cvelistv5 – Published: 2026-05-27 12:56 – Updated: 2026-05-27 12:56

Title

ipmi:ssif: Clean up kthread on errors

Summary

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an error condition if it is running.

Severity

No CVSS data available.

Assigner

Linux

References

3 references

URL	Tags
https://git.kernel.org/stable/c/858bc8b9edb6eaf05…
https://git.kernel.org/stable/c/800febc637d1c1974…
https://git.kernel.org/stable/c/75c486cb1bcaa1a3e…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 259307074bfcf1ff88016e12c68f057aee6cb694 , < 858bc8b9edb6eaf0522900128bb9053e2df6b0f6 (git) Affected: 259307074bfcf1ff88016e12c68f057aee6cb694 , < 800febc637d1c1974b1e899dea8a07e115d60766 (git) Affected: 259307074bfcf1ff88016e12c68f057aee6cb694 , < 75c486cb1bcaa1a3ec3a6438498176a3a4998ae4 (git)
Linux	Linux	Affected: 3.19 Unaffected: 0 , < 3.19 (semver) Unaffected: 6.18.27 , ≤ 6.18.* (semver) Unaffected: 7.0.4 , ≤ 7.0.* (semver) Unaffected: 7.1-rc1 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/char/ipmi/ipmi_ssif.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "858bc8b9edb6eaf0522900128bb9053e2df6b0f6",
              "status": "affected",
              "version": "259307074bfcf1ff88016e12c68f057aee6cb694",
              "versionType": "git"
            },
            {
              "lessThan": "800febc637d1c1974b1e899dea8a07e115d60766",
              "status": "affected",
              "version": "259307074bfcf1ff88016e12c68f057aee6cb694",
              "versionType": "git"
            },
            {
              "lessThan": "75c486cb1bcaa1a3ec3a6438498176a3a4998ae4",
              "status": "affected",
              "version": "259307074bfcf1ff88016e12c68f057aee6cb694",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/char/ipmi/ipmi_ssif.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.19"
            },
            {
              "lessThan": "3.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.27",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "unaffected",
              "version": "7.0.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.1-rc1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.27",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.4",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1-rc1",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi:ssif: Clean up kthread on errors\n\nIf an error occurs after the ssif kthread is created, but before the\nmain IPMI code starts the ssif interface, the ssif kthread will not\nbe stopped.\n\nSo make sure the kthread is stopped on an error condition if it is\nrunning."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-27T12:56:59.663Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/858bc8b9edb6eaf0522900128bb9053e2df6b0f6"
        },
        {
          "url": "https://git.kernel.org/stable/c/800febc637d1c1974b1e899dea8a07e115d60766"
        },
        {
          "url": "https://git.kernel.org/stable/c/75c486cb1bcaa1a3ec3a6438498176a3a4998ae4"
        }
      ],
      "title": "ipmi:ssif: Clean up kthread on errors",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-46044",
    "datePublished": "2026-05-27T12:56:59.663Z",
    "dateReserved": "2026-05-13T15:03:33.094Z",
    "dateUpdated": "2026-05-27T12:56:59.663Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-9G3M-JQ99-WVQP

CVE-2026-46044 (GCVE-0-2026-46044)

Tags

Sightings

Nomenclature