4 matches found
Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2024-56839)
Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
SUSE-SU-2025:03543-1 Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...
DEBIAN-CVE-2025-21791
In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdevl3out l3mdevl3out can be called without RCU being held: rawsendmsg ippushpendingframes ipsendskb iplocalout iplocalout l3mdevipout Add rcureadlock / rcureadunlock pair to avoid a potential UAF...
CVE-2024-49980 vrf: revert "vrf: Remove unnecessary RCU-bh critical section"
In the Linux kernel, the following vulnerability has been resolved: vrf: revert "vrf: Remove unnecessary RCU-bh critical section" This reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853. devqueuexmitnit is expected to be called with BH disabled. devqueuexmit has the following: / Disable soft...