Critical flaw reported in OpenBMC, an open-source server management firmware
Take action: If you are running OpenBMC firmware, keep the BMC management network isolated to trusted networks, or at the very least block UDP port 427 from the internet. Then patch ASAP.
A critical security vulnerability has been identified in the OpenBMC firmware, affecting the slpd-lite component. OpenBMC is an open-source firmware stack designed for Baseboard Management Controllers (BMCs), which are embedded systems used for remote monitoring and management of servers, data centers, and other IT infrastructure.
This flaw, tracked as CVE-2024-41660 (CVSS score 9.8), allows attackers with access to the BMC management network to execute malicious code. The vulnerability exists in the default build of OpenBMC, where the slpd-lite package is active by default, posing a significant risk to systems if left unpatched.
The slpd service, which runs with root privileges and listens on UDP port 427, is susceptible due to inadequate input validation. A specially crafted UDP packet can trigger a memory error, enabling attackers to inject malicious code.
No active exploitation of this vulnerability has been reported yet.
If an immediate update is not feasible, disabling the slpd service or blocking UDP port 427 can provide temporary protection until the patch can be applied.
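The mitigation above (isolate the management network, block UDP 427) is only as good as your visibility into who is actually reaching slpd. The following is an added example, not code from the OpenBMC project or from the advisory: it scans perimeter-firewall log lines for UDP datagrams to port 427 aimed at BMC addresses from outside the trusted management networks, and separates the ones that were dropped (scanning noise, but evidence the port is being probed) from the ones that were accepted (hosts that reached slpd on an unpatched BMC). The log format, the sample lines, and the BMC/trusted address ranges are constructed for illustration; adapt the regex to your firewall's actual syslog format.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed sample of iptables/nftables-style syslog lines from a perimeter firewall.
# Addresses are documentation ranges (RFC 5737 / RFC 1918); none of this is real OpenBMC output.
SAMPLE_LOG = """\
Jul 30 10:01:02 edge-fw kernel: DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=UDP SPT=51234 DPT=427 LEN=1200
Jul 30 10:01:05 edge-fw kernel: ACCEPT IN=eth1 OUT= SRC=10.10.5.21 DST=192.0.2.10 PROTO=UDP SPT=41000 DPT=427 LEN=96
Jul 30 10:01:09 edge-fw kernel: ACCEPT IN=eth0 OUT= SRC=198.51.100.4 DST=192.0.2.11 PROTO=UDP SPT=6000 DPT=427 LEN=1420
Jul 30 10:01:12 edge-fw kernel: ACCEPT IN=eth0 OUT= SRC=198.51.100.4 DST=192.0.2.11 PROTO=TCP SPT=6001 DPT=443 LEN=60
Jul 30 10:01:15 edge-fw kernel: ACCEPT IN=eth1 OUT= SRC=10.10.5.22 DST=192.0.2.12 PROTO=UDP SPT=42000 DPT=427 LEN=2000
"""

SLP_PORT = 427  # the port slpd-lite listens on, per the advisory

# Assumed log layout: "<ACTION> ... SRC=<ip> DST=<ip> PROTO=<proto> ... DPT=<port> LEN=<bytes>"
LINE_RE = re.compile(
    r"(?P<action>DROP|ACCEPT) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\S+) .*?DPT=(?P<dpt>\d+) LEN=(?P<length>\d+)"
)


@dataclass(frozen=True)
class Alert:
    action: str   # DROP: probe was blocked at the perimeter; ACCEPT: it reached the BMC
    src: str
    dst: str
    length: int   # datagram size as logged, useful for triage of unusually large packets


def _in_any(addr, networks):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in networks)


def parse_line(line):
    """Return the fields of one firewall log line, or None if the line does not match."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    return {
        "action": m["action"], "src": m["src"], "dst": m["dst"],
        "proto": m["proto"], "dpt": int(m["dpt"]), "length": int(m["length"]),
    }


def find_slp_exposure(log_text, bmc_networks, trusted_networks):
    """Flag UDP/427 datagrams aimed at BMC addresses from outside the trusted management networks."""
    bmc = [ipaddress.ip_network(n) for n in bmc_networks]
    trusted = [ipaddress.ip_network(n) for n in trusted_networks]
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["proto"] != "UDP" or rec["dpt"] != SLP_PORT:
            continue          # not SLP traffic
        if not _in_any(rec["dst"], bmc):
            continue          # not aimed at a BMC
        if _in_any(rec["src"], trusted):
            continue          # expected management traffic
        alerts.append(Alert(rec["action"], rec["src"], rec["dst"], rec["length"]))
    return alerts


def accepted_alerts(alerts):
    """The subset that got through the perimeter: those BMCs need patch verification first."""
    return [a for a in alerts if a.action == "ACCEPT"]


if __name__ == "__main__":
    found = find_slp_exposure(SAMPLE_LOG, ["192.0.2.0/24"], ["10.10.5.0/24"])
    for a in found:
        print(f"{a.action:6} {a.src} -> {a.dst} udp/{SLP_PORT} len={a.length}")
    reached = accepted_alerts(found)
    print(f"{len(reached)} untrusted source(s) reached slpd; verify those BMCs are patched or have slpd disabled")
```

Run it against the sample and it reports two untrusted hits: one dropped probe and one accepted datagram that reached 192.0.2.11. The accepted case is the one to act on, because it shows the port block or network isolation the advisory recommends is not in place for that BMC.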