9 matches found
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-39503)
netfilter: ipset: race between namespace cleanup and gc in the list:set type. The namespace cleanup can destroy the list:set type of sets while the gc of the set type is waiting to run in rcu cleanup. The latter uses data from the destroyed set which thus leads use after free. This plugin only...
Linux Distros Unpatched Vulnerability : CVE-2024-39503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-836)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-836 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability h...
RLSA-2024:8856 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistration function CVE-2023-52492 kernel: netfilter:...
RHEL 8 : kernel (RHSA-2024:8856)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8856 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/bluetooth: race condition ...
ALSA-2024:8856 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistration function CVE-2023-52492 kernel: netfilter:...
Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: net/bluetooth: race condition in conninfomin,maxageset CVE-2024-24857 kernel: dmaengine: fix NULL pointer in channel unregistratio...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12581)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12581 advisory. - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879157 CVE-2024-41090 CVE-2024-41091 - netfilter: ipset: Fix race between...
CVE-2024-39503 netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbage collection of the list:set type. The...