{"id":"MGASA-2023-0135","summary":"Updated ipmitool packages fix security vulnerability","details":"It's been found that multiple functions in ipmitool before 1.8.19 neglect\nproper checking of the data received from a remote LAN party, which may\nlead to buffer overflows and potentially to remote code execution on the\nipmitool side. This is especially dangerous if ipmitool is run as a\nprivileged user. This problem is fixed in version 1.8.19. (CVE-2020-5208)\n","modified":"2026-02-01T11:01:50.495036Z","published":"2023-04-11T19:02:20Z","related":["CVE-2020-5208"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0135.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31759"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-5997-1"}],"affected":[{"package":{"name":"ipmitool","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/ipmitool?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.18-7.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0135.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}