250 matches found
SUSE-SU-2026:2380-1 Security update for hplip
This update for hplip fixes the following issues: Update to HPLIP 3.26.4. Security issues: - CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation (bsc#1266031). - CVE-2026-8631: escalation of privileges and/or...
SHARP MFPs Stored Cross-Site Scripting (CVE-2024-48870)
Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability. If crafted input is stored by an administrative user, malicious script may be executed on the web browsers of other victim users. This plugin only works wi...
SHARP MFPs Configuration API Vulnerability (CVE-2024-47005)
Sharp and Toshiba Tec MFPs provide configuration-related APIs. They are expected to be called by administrative users only, but are insufficiently restricted. A non-administrative user may execute some configuration APIs. This plugin only works with Tenable.ot. Please visit...
EUVD-2025-206522
Multiple MFPs provided by Brother Industries, Ltd. do not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27434)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27434 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't set th...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-46744)
In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Incomplete Cleanup (CVE-2024-49851)
tpm: Clean up TPM space after command failure. tpm_dev_transmit() prepares the TPM space before attempting command transmission. However, if the command fails, no rollback of this preparation is done. This can result in transient handles being leaked if the device is subsequently closed with no further...
Siemens SIMATIC Devices Use After Free (CVE-2024-26961)
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del(). This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Siemens SIMATIC Devices Exposure of Resource to Wrong Sphere (CVE-2024-36959)
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map(). If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the dropping operation, here we call it...
Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21704)
usb: cdc-acm: Check control transfer buffer size before access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Return of Wrong Status Code (CVE-2024-40945)
iommu: Return right value in iommu_sva_bind_device(). iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR value in error cases. Existing drivers (idxd and uacce) only check the return value with IS_ERR(). This could potentially lead to a kernel NULL pointer dereference issue if the functi...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35902)
net/rds: possible cp null dereference. cp might be null, calling cp->cp_conn would produce null dereference. cp is a parameter of __rds_rdma_map and is not reassigned. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Siemens SIMATIC Devices Integer Overflow or Wraparound (CVE-2024-23307)
Integer Overflow or Wraparound vulnerability in the Linux kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Siemens SIMATIC Devices Race Condition (CVE-2024-50010)
In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy path_noexec check. Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that got moved up in two...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27437)
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ. Currently for devices requiring masking at the irqchip for INTx, i.e. devices without DisINTx support, the IRQ is enabled in request_irq() and subsequently disabled as necessary to...
Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-35905)
In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size. This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-49977)
net: stmmac: port_transmit_rate_kbps could be set to a value of 0, which is then passed to the div_s64() function when tc-cbs is disabled. This leads to a zero-division error. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Locking (CVE-2024-50044)
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change(). rfcomm_sk_state_change() attempts to use sock_lock so it must never be called with it locked, but rfcomm_sock_ioctl() always attempts to lock it. This plugin only works with...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26872)
RDMA/srpt: use-after-free Write in srpt_refresh_port. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26882)
net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv(). This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.