Lucene search
+L

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-39499)

vmci: speculation leaks by sanitizing event in eventdeliver. eventmsg is controlled by user-space, eventmsg-eventdata.event is passed to eventdeliver and used as an index without sanitization, leading to information leaks. This plugin only works with Tenable.ot. Please visit...

7.1CVSS6.8AI score0.00296EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-39499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmci: prevent speculation leaks by sanitizing event in eventdeliver Coverity spotted that eventmsg is controlled by user-space, eventmsg-eventdata.event is pass...

7.1CVSS6.3AI score0.00296EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/12/18 12:0 a.m.17 views

RHEL 9 : kernel (RHSA-2024:11313)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11313 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: hwmon: w83793 Fix NULL pointe...

7.8CVSS6.8AI score0.01028EPSS
Exploits0References11
Oracle linux
Oracle linux
added 2024/11/27 12:0 a.m.54 views

Unbreakable Enterprise kernel security update

4.1.12-124.92.3 - memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021 - ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819 CVE-2024-40943 4.1.12-124.92.2 - fbdev: savage: Handle err return when savagefbcheckvar failed Cai Xinchen...

7.8CVSS7.2AI score0.00622EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2024/07/15 5:4 p.m.27 views

CVE-2024-39499

A vulnerability was found in the eventdeliver function in the Linux kernel's VMCI component, where the issue involves a lack of sanitization for the eventdata.event index controlled by user-space, which could lead to speculative information leaks. Mitigation Mitigation for this issue is either no...

4.1CVSS8.3AI score0.00296EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/07/12 1:15 p.m.23 views

CVE-2024-39499

In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in eventdeliver Coverity spotted that eventmsg is controlled by user-space, eventmsg-eventdata.event is passed to eventdeliver and used as an index without sanitization. This...

7.1CVSS6.4AI score0.00296EPSS
Exploits0References21
Debian CVE
Debian CVE
added 2024/07/12 12:20 p.m.22 views

CVE-2024-39499

In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in eventdeliver Coverity spotted that eventmsg is controlled by user-space, eventmsg-eventdata.event is passed to eventdeliver and used as an index without sanitization. This...

7.1CVSS5.5AI score0.00296EPSS
Exploits0
CVE
CVE
added 2024/07/12 12:20 p.m.192 views

CVE-2024-39499

CVE-2024-39499 (Linux kernel, vmci): The vulnerability allows speculative leaks via event_deliver() because user-controlled event_msg->event_data.event was used as an index without sanitization. The fix sanitizes the index to mitigate speculative information leaks. The issue is exploitable loc...

7.1CVSS6.3AI score0.00296EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder