OpenBMC · OpenBMC · CVE-2021-39296
**Name of the Vulnerable Software and Affected Versions**
OpenBMC version 2.9
**Description**
The issue is in the netipmid interface (IPMI lan+) of the OpenBMC embedded operating system and stems from errors in the authentication procedure. An attacker can exploit it by sending crafted IPMI messages, which allows them to bypass authentication and gain full control of the system.
**Recommendations**
For OpenBMC version 2.9, as a temporary workaround, consider restricting access to the netipmid interface until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.