Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-05-27T00:00:00 kernel: ibmasm: fix heap over-read in ibmasm_send_i2o_message() 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CWE-125

A flaw was found in the Linux kernel's ibmasm module. A local root user can exploit a heap over-read vulnerability within the `ibmasm_send_i2o_message()` function. This vulnerability arises from insufficient validation of user-controlled input sizes, allowing the system to read beyond allocated memory. Such an exploit could lead to the disclosure of sensitive kernel heap information and potentially cause the service processor to desynchronize, impacting overall system stability.

Red Hat Enterprise Linux 10 Not affected kernel Red Hat Enterprise Linux 6 Out of support scope kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Not affected kernel Red Hat Enterprise Linux 8 Not affected kernel-rt Red Hat Enterprise Linux 9 Not affected kernel Red Hat Enterprise Linux 9 Not affected kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-46064 https://nvd.nist.gov/vuln/detail/CVE-2026-46064 https://lore.kernel.org/linux-cve-announce/2026052756-CVE-2026-46064-ba4f@gregkh/T