250 matches found
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35902)
net/rds: possible cp null dereference cp might be null, calling cp-cpconn would produce null dereference. Cp is a parameter of rdsrdmamap and is not reassigned. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 809...
Siemens SIMATIC Devices Improper Locking (CVE-2024-50210)
In the Linux kernel, the following vulnerability has been resolved: posix-clock: posix-clock: Fix unbalanced locking in pcclocksettime If getclockdesc succeeds, it calls fget for the clockid's fd, and get the clk-rwsem read lock, so the error path should release the lock to make the lock balance...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Out-of-bounds Write (CVE-2024-47697)
In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830pidfilter does not exceed 31 to prevent out-of-bounds access. dev-filters is a 32-bit value, so setbit and clearbit functions should...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26651)
sr9800: Local Denial of Service Vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503678; scriptversion"1.2";...
Siemens SIMATIC Devices Out-of-bounds Write (CVE-2024-50134)
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a memcpy: detected field-spanning write error. Note as mentioned ...
Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21704)
usb: cdc-acm: Check control transfer buffer size before access This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503558; scriptversion"1.2";...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26872)
RDMA/srpt: use-after-free Write in srptrefreshport. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503489; scriptversion"1.2";...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-50035)
In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-49977)
net: stmmac: porttransmitratekbps could be set to a value of 0, which is then passed to the divs64 function when tc-cbs is disabled. This leads to a zero-division error. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SIMATIC Devices Use After Free (CVE-2024-26961)
In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154llseckeydel This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Locking (CVE-2024-50044)
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstatechange rfcommskstatechange attempts to use socklock so it must never be called with it locked but rfcommsockioctl always attempt to lock it. This plugin only works with...
Siemens SIMATIC Devices Improper Locking (CVE-2024-26643)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...
Siemens SIMATIC Devices Classic Buffer Overflow (CVE-2024-50131)
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL...
Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-35813)
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 mmc: core: Use mrq.sbc in close-ended ffu assigns previdata = idatasi - 1, but doesn't check that the iterator i is greater than zero. Let's fix this by adding...
Siemens SIMATIC Devices Improper Check for Unusual or Exceptional Conditions (CVE-2024-44948)
In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of the 640K-1MB region that uses separate MSRs. This fixed variant has a separate capability bit in the...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38578)
ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes too small and writetag66packet will write up to 3 bytes past the e...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26875)
media: pvrusb2: fix uaf in pvr2contextsetnotify. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503541; scriptversion"1.2";...
Siemens SIMATIC Devices Race Condition (CVE-2024-35899)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: flush pending destroy work before exitnet release Similar to 2c9f0293280e netfilter: nftables: flush pending destroy work before netlink notifier to address a race between exitnet and the destroy workqueue. T...
Siemens SIMATIC Devices Use After Free (CVE-2024-23848)
In the Linux kernel through 6.7.1, there is a use-after-free in cecqueuemsgfh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...
Siemens SIMATIC Devices Incorrect Calculation of Buffer Size (CVE-2024-42259)
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cau...