Siemens SIMATIC Devices Unchecked Error Condition (CVE-2024-36939)

In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpcprocregister in nfsnetinit. syzkaller reported a warning 0 triggered while destroying immature netns. rpcprocregister was called in initnfsfs, but its error has been ignored since at least the initial comm...

Siemens SIMATIC Devices Use After Free (CVE-2024-35955)

kprobes: Fix possible use-after-free issue on kprobe registration This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503699; scriptversion"1.2";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-47705)

In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blkaddpartition The blkaddpartition function initially used a single if-condition ISERRpart to check for errors when adding a partition. This was modified to handle the specific...

Siemens SIMATIC Devices Improper Resource Shutdown or Release (CVE-2024-36004)

i40e: Do not use WQMEMRECLAIM flag for workqueue This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503470; scriptversion"1.2";...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-58058)

ubifs: skip dumping tnc tree when zroot is null This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503392; scriptversion"1.2";...

Siemens SIMATIC and SCALANCE Devices Improper Validation of Array Index (CVE-2025-21692)

net: sched: fix ets qdisc OOB Indexing This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503404; scriptversion"1.3";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-50302)

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27078)

Vulnerability in Linux kernel: media: v4l2-tpg: some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is called only when tpgalloc return 0. This...

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35915)

nfc: nci: Fix uninit-value in ncidevup and ncintfpacket This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503499; scriptversion"1.2";...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27024)

Vulnerability in the Linux kernel: net/rds: WARNING in rdsconnconnectifdown If connection isn't established yet, getmr will fail, trigger connection after getmr. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Siemens SIMATIC Devices Race Condition (CVE-2024-24858)

A race condition was found in the Linux kernel's net/bluetooth in conn,advmin,maxintervalset function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26883)

bpf: Fix stackmap overflow check on 32-bit arches. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503495; scriptversion"1.2";...

Siemens SIMATIC Devices Integer Overflow or Wraparound (CVE-2025-21711)

net/rose: prevent integer overflows in rosesetsockopt This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503507; scriptversion"1.2";...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-33847)

f2fs: compress: Released compress inode f2fs image may be corrupted. The reason is partial truncation assume compressed inode has reserved blocks, after partial truncation, valid block count may change w/o .iblocks and .totalvalidblockcount update, resulting in corruption. This plugin only works...

Siemens SIMATIC Devices Deadlock (CVE-2024-42090)

pinctrl: deadlock in createpinctrl when handling -EPROBEDEFER. In createpinctrl, pinctrlmapsmutex is acquired before calling addsetting. If addsetting returns -EPROBEDEFER, createpinctrl calls pinctrlfree. However, pinctrlfree attempts to acquire pinctrlmapsmutex, which is already held by...

Siemens SIMATIC Devices Missing Release of Memory after Effective Lifetime (CVE-2025-21683)

bpf: Fix bpfskselectreuseport memory leak This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503626; scriptversion"1.2";...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Race Condition (CVE-2024-46679)

In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Race Condition (CVE-2024-26810)

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descripti...

Siemens SIMATIC Devices Stack-based Buffer Overflow (CVE-2021-47107)

NFSD: READDIR buffer overflow. If a client sends a READDIR count argument that is too small say, zero, then the buffer size calculation in the new initdirlist helper functions results in an underflow, allowing the XDR stream functions to write beyond the actual buffer. This calculation has always...

Siemens SIMATIC Devices Improper Locking (CVE-2024-27004)

In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disableunused This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...