Siemens SIMATIC Devices Use After Free (CVE-2025-21760)

ndisc: extend RCU protection in ndiscsendskb This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503636; scriptversion"1.2";...

Siemens SIMATIC Devices Missing Release of Memory after Effective Lifetime (CVE-2024-58063)

wifi: rtlwifi: fix memory leaks and invalid access at probe error path This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503591; scriptversion"1.2";...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21728)

bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non- preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can sleep. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC Devices Use After Free (CVE-2025-21761)

openvswitch: use RCU protection in ovsvportcmdfillinfo This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503450; scriptversion"1.2";...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26993)

In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfsbreakactiveprotection This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26861)

wireguard: receive: data-race around receivingcounter.counter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503717; scriptversion"1.2";...

Siemens SIMATIC Devices Out-of-bounds Write (CVE-2025-21865)

gtp: Suppress list corruption splat in gtpnetexitbatchrtnl. Commit eb28fd76c0a0 gtp: Destroy device along with udp socket's netns dismantle. added the foreachnetdev loop in gtpnetexitbatchrtnl to destroy devices in each netns as done in geneve and ip tunnels. However, this could trigger -dellink...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21639)

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-44987)

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6sendskb. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21744)

wifi: brcmfmac: fix NULL pointer dereference in brcmftxfinalize This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503684; scriptversion"1.2";...

Siemens SIMATIC Devices Race Condition (CVE-2024-57913)

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON in functionfsbind This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC Devices Incorrect Calculation of Buffer Size (CVE-2024-42259)

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cau...

Siemens SIMATIC Devices Race Condition (CVE-2024-35898)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftflowtabletypeget nftunregisterflowtabletype within nfflowinetmoduleexit can concurrent with nftflowtabletypeget within nftablesnewflowtable. And thhere is not any protection when...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Initialization (CVE-2024-50015)

ext4: dax: Overflowing extents beyond inode size when partially writing. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503434; scriptversion"1.3...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Out-of-bounds Write (CVE-2024-50188)

net: phy: dp83869: fix memory corruption when enabling fiber. When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmodesetbit with a bit mask 1 10 rather than a bit number 10. This corrupts some other memory location -- in case of arm64 the priv pointer in the same...

Siemens SIMATIC Devices Improper Check for Unusual or Exceptional Conditions (CVE-2024-47672)

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead There is a WARNING in iwltranswaittxqueuesempty that was recently converted from just a message, that can be hit if we wait for TX queues to become empty after...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38558)

net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. - OVSPACKETATTRACTIONS - Actions to execute on the packet. OVSPACKETATTRKEY is parsed...

Siemens SIMATIC Devices Divide By Zero (CVE-2024-50205)

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check before the division. The...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-36902)

Vulnerability in Linux kernel: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-58020)

HID: multitouch: Add NULL check in mtinputconfigured This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503738; scriptversion"1.2";...