Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50397)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...

Linux Distros Unpatched Vulnerability : CVE-2022-50397

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/ieee802154: reject zero-sized rawsendmsg syzbot is hitting skbassertlen warning at rawsendmsg for ieee802154 socket. What commit dc633700f00f726e...

CVE-2022-50397

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2022-50397

Removed by vendor...

CVE-2022-50397

...

CVE-2022-50397

The CVE-2022-50397 entry is tied to the Linux kernel net/ieee802154 path: raw_sendmsg() with a zero-sized header leading to a skb_assert_len() scenario in the ieee802154 socket. Connected sources indicate this vulnerability has been resolved via a patch/code fix (e.g., the commit referenced by Re...

CVE-2024-50397

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...

QNAP QTS Multiple Vulnerabilities (QSA-24-43)

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

QNAP QuTS hero Multiple Vulnerabilities (QSA-24-43)

QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...

CVE-2024-50397

creationtimestamp| type| source ---|---|--- 2024-11-22 15:51:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113527403614765239 2024-11-23 13:09:03+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113532426204507846 2024-11-26 17:52:20+00:00| seen| https://t.me/itsecnews/482...

CVE-2024-50397

CVE-2024-50397 affects QNAP QTS and QuTS hero: a use of externally-controlled format string vulnerability could allow remote attackers with user access to obtain secret data or modify memory. Affected versions include QTS 5.2.1.2930 build 20241025 and later, and QuTS hero h5.2.1.2929 build 202410...

CVE-2024-50397 QTS, QuTS hero

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...