13 matches found
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Uncontrolled Resource Consumption (CVE-2024-46745)
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...
Linux Distros Unpatched Vulnerability : CVE-2024-46745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large numbe...
Azure Linux 3.0 Security Update: kernel (CVE-2024-46758)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46758 advisory. - 2024-10-24: CVE-2024-46828 was added to this advisory. 2024-10-24: CVE-2024-46840 was added to this advisory...
Ubuntu: Security Advisory (USN-7100-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization CVE-2024-46713 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd CVE-2024-46734 In the...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-744)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-744 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btftypeidsize CVE-2023-54247 In the Linux kernel, the following vulnerability has been resolved:...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization CVE-2024-46713 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd CVE-2024-46734 In the...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-724)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-724 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization CVE-2024-46713 In the Linux kernel, the following vulnerability has been resolved:...
SUSE-SU-2024:3566-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-46854: net: dpaa: Pad packets to ETHZLEN bsc1231084. - CVE-2024-46770: ice: Add netifdeviceattach/detach into PF reset flow bsc1230763. - CVE-2024-41073:...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2024-086 (ALASKERNEL-5.4-2024-086)
The version of kernel installed on the remote host is prior to 5.4.284-196.380. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-086 advisory. In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's...
CVE-2024-46745
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...
CVE-2024-46745
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in inputmtinitslot...
CVE-2024-46745
CVE-2024-46745 affects the Linux kernel uinput interface. The root cause is an unbounded request for slots via syzkaller, causing memory allocation failure in input_mt_init_slots. The fix limits the allowed number of slots to 100 (extendable if devices require more). Consequences described in the...