CVE-2021-39295

Name of the Vulnerable Software and Affected Versions OpenBMC version 2.9

Description The issue allows an attacker to cause a denial of service to the BMC via the netipmid (IPMI lan+) interface by sending crafted IPMI messages.

Recommendations For OpenBMC version 2.9, consider restricting access to the netipmid interface until a patch is available. As a temporary workaround, monitor the system for unusual IPMI message traffic to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.