19 matches found
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-44999)
gtp: missing network headers in gtpdevxmit. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504489; scriptversion"1.2";...
Linux Distros Unpatched Vulnerability : CVE-2024-44999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-hea...
Azure Linux 3.0 Security Update: kernel (CVE-2024-44999)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44999 advisory. - In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit...
CVE-2024-44999 affecting package kernel for versions less than 6.6.51.1-1
CVE-2024-44999 affecting package kernel for versions less than 6.6.51.1-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-44999)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44999 advisory. - In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit...
CVE-2024-44999 affecting package kernel for versions less than 5.15.167.1-1
CVE-2024-44999 affecting package kernel for versions less than 5.15.167.1-1. An upgraded version of the package is available that resolves this issue...
SUSE SLED12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2024:3559-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3559-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following securi...
SUSE SLES15: kernel-coco / kernel-coco-devel / kernel-coco_debug / etc (SUSE-SU-2024:3553-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3553-1 advisory. The SUSE Linux Enterprise 15 SP6 CoCo kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
SUSE-SU-2024:3551-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocsho...
Photon OS 3.0: Linux PHSA-2024-3.0-0795
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0795. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Linux PHSA-2024-5.0-0374
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0374. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2024-44999
A use-after-free vulnerability was found in the Linux kernel's GPRS Tunneling Protocol GTP driver, specifically in the gtpdevxmit function. This issue is due to the IPv4 or IPv6 headers not being properly pulled into the skb-head before being accessed. This led to the use of uninitialized values,...
CVE-2024-44999
In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...
AZL-48777 CVE-2024-44999 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...
CVE-2024-44999
In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...
UBUNTU-CVE-2024-44999
In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...
CVE-2024-44999
In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...
CVE-2024-44999
CVE-2024-44999 refers to a Linux kernel issue in gtp: pull network headers in gtp_dev_xmit() where syzbot/KMSAN detected uninitialized usage in get_dev_xmit(). The problem required ensuring IPv4/IPv6 headers are pulled into skb->head before accessing their fields. The fix implemented is to use...
CVE-2024-44999 gtp: pull network headers in gtp_dev_xmit()
In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtpdevxmit syzbot/KMSAN reported use of uninit-value in getdevxmit 1 We must make sure the IPv4 or Ipv6 header is pulled in skb-head before accessing fields in them. Use pskbinetmaypull to fix this...