Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-46697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 ends up doing a...

5.5CVSS5.9AI score0.00188EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/09/13 3:13 p.m.17 views

CVE-2024-46697

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'l...

5.5CVSS7.3AI score0.00188EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/09/13 5:29 a.m.12 views

CVE-2024-46697 nfsd: ensure that nfsd4_fattr_args.context is zeroed out

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'l...

6.9AI score0.00188EPSS
Exploits0References2
CVE
CVE
added 2024/09/13 5:29 a.m.105 views

CVE-2024-46697

CVE-2024-46697 is a Linux kernel issue in nfsd where nfsd4_fattr_args.context could contain uninitialized data if control flow used a goto out before the security label check. The fix initializes context early to prevent freeing junk on the stack when nfsd4_encode_fattr4 takes that path. Connecte...

5.5CVSS5.2AI score0.00188EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/09/13 5:29 a.m.10 views

CVE-2024-46697

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'l...

5.5CVSS5.5AI score0.00188EPSS
Exploits0
Rows per page
Query Builder