11 matches found
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Race Condition (CVE-2024-36894)
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix race between aiocancel and AIO request complete This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Ubuntu: Security Advisory (USN-7009-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7007-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7007-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use...
SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2024:2495-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2495-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
Debian: Security Advisory (DSA-5731-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2495-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52846: hsr: Prevent use after free in prpcreatetaggedframe bsc1225098. - CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225732. -...
Debian dsa-5730 : affs-modules-5.10.0-29-4kc-malta-di - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5730 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5730-1 [email protected] https://www.debian.org/securit...
SUSE-SU-2024:2362-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler bsc1224865. - CVE-2021-47311: net: qcom/emac: fix UAF in emacremove bsc1225010. ...
SUSE CVE-2024-36894
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix race between aiocancel and AIO request complete FFS based applications can utilize the aiocancel callback to dequeue pending USB requests submitted to the UDC. There is a scenario where the FFS application...
CVE-2024-36894
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix race between aiocancel and AIO request complete FFS based applications can utilize the aiocancel callback to dequeue pending USB requests submitted to the UDC. There is a scenario where the FFS application...
CVE-2024-36894
CVE-2024-36894 (Linux kernel) : A race in usb: gadget: f_fs between AIO cancellation and AIO completion for FFS UDC USB requests could lead to use-after-free of io_data->req. The issue occurs when an aio_cancel() from the FFS app overlaps with the UDC soft-disconnect path (notably in DWC3-base...