250 matches found
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-42304)
In the Linux kernel, the following vulnerability has been resolved: ext4: make sure the first directory block is not a hole This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26884)
bpf: Fix hashtab overflow check on 32-bit arches. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503610; scriptversion"1.2";...
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21844)
smb: client: Add check for nextbuffer in receiveencryptedstandard This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503639; scriptversion"1.2";...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-46744)
In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
Siemens SIMATIC Devices Race Condition (CVE-2024-35899)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: flush pending destroy work before exitnet release Similar to 2c9f0293280e netfilter: nftables: flush pending destroy work before netlink notifier to address a race between exitnet and the destroy workqueue. T...
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21669)
vsock/virtio: discard packets if the transport changes This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503433; scriptversion"1.2";...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35845)
wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwlfwinidebuginfotlv is used as a string, so we must ensure the string is terminated correctly before using it. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
Siemens SIMATIC Devices Classic Buffer Overflow (CVE-2024-50131)
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Missing Initialization of a Variable (CVE-2024-53101)
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in fromkuid and fromkgid ocfs2setattr uses attr-iamode, attr-iauid and attr-iagid in a trace point even though ATTRMODE, ATTRUID and ATTRGID aren't set. Initialize all fields of newattrs to avoid...
Siemens SIMATIC Devices Use After Free (CVE-2024-27395)
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovsctexit Since kfreercu, which is called in the hlistforeachentryrcu traversal of ovsctlimitexit, is not part of the RCU read critical section, it is possible that the RCU grace period wil...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38578)
ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes too small and writetag66packet will write up to 3 bytes past the e...
Siemens SIMATIC Devices Improper Check for Unusual or Exceptional Conditions (CVE-2024-44948)
In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of the 640K-1MB region that uses separate MSRs. This fixed variant has a separate capability bit in the...
Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-35813)
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 mmc: core: Use mrq.sbc in close-ended ffu assigns previdata = idatasi - 1, but doesn't check that the iterator i is greater than zero. Let's fix this by adding...
Siemens SIMATIC Devices Use After Free (CVE-2024-23848)
In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
Siemens SIMATIC Devices Exposure of Resource to Wrong Sphere (CVE-2024-36959)
In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrldttomap If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrldtfreemaps includes the droping operation, here we call it...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-50035)
In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-49977)
net: stmmac: porttransmitratekbps could be set to a value of 0, which is then passed to the divs64 function when tc-cbs is disabled. This leads to a zero-division error. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-35905)
In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27437)
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in requestirq and subsequently disabled as necessary to...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26875)
media: pvrusb2: fix uaf in pvr2contextsetnotify. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503541; scriptversion"1.2";...