CVE-2024-0002
published 2024-09-23CVE-2024-0002: A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.50%
38.8th percentile
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| purestorage | flasharray | — | — |
| purestorage | flasharray | 5.3.17 – 5.3.21 | — |
| purestorage | flasharray | 6.0.7 – 6.0.9 | — |
| purestorage | flasharray | 6.1.8 – 6.1.25 | — |
| purestorage | flasharray | 6.2.0 – 6.2.17 | — |
| purestorage | flasharray | 6.3.0 – 6.3.14 | — |
| purestorage | flasharray | 6.4.0 – 6.4.10 | — |
| purestorage | purity_fa | — | — |
| purestorage | purity_fa | 5.3.17 – 5.3.21 | — |
| purestorage | purity_fa | 6.0.7 – 6.0.9 | — |
| purestorage | purity_fa | 6.1.8 – 6.1.25 | — |
| purestorage | purity_fa | 6.2.0 – 6.2.17 | — |
| purestorage | purity_fa | 6.3.0 – 6.3.14 | — |
| purestorage | purity_fa | 6.4.0 – 6.4.10 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_redhat7.1HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-ww64-xcqm-5jhf: A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array
ghsa_unreviewed·2024-09-23
CVE-2024-0002 [CRITICAL] CWE-287 GHSA-ww64-xcqm-5jhf: A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
Red Hat
kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
vendor_redhat·2024-10-29·CVSS 4.7
CVE-2024-50082 [MEDIUM] CWE-362 kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
In the Linux kernel, the following vulnerability has been resolved:
blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race
We're seeing crashes from rq_qos_wake_function that look like this:
BUG: unable to handle page fault for address: ffffafe180a40084
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 100000067 P4D 100000067 PUD 10027c067 PMD 10115d067 PTE 0
Oops: Oops: 0002 [#1] PREEMPT SMP PTI
CPU: 17 UID: 0 PID: 0 Comm: swapper/17 Not tainted 6.12.0-rc3-00013-geca631b8fe80 #11
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
RIP: 0010:_raw_spin_lock_irqsave+0x1d/0x40
Code: 90 90 90 90 90 90 90
Red Hat
kernel: bonding: fix xfrm real_dev null pointer dereference
vendor_redhat·2024-09-04·CVSS 5.5
CVE-2024-44989 [MEDIUM] CWE-476 kernel: bonding: fix xfrm real_dev null pointer dereference
kernel: bonding: fix xfrm real_dev null pointer dereference
In the Linux kernel, the following vulnerability has been resolved:
bonding: fix xfrm real_dev null pointer dereference
We shouldn't set real_dev to NULL because packets can be in transit and
xfrm might call xdo_dev_offload_ok() in parallel. All callbacks assume
real_dev is set.
Example trace:
kernel: BUG: unable to handle page fault for address: 0000000000001030
kernel: bond0: (slave eni0np1): making interface the new active one
kernel: #PF: supervisor write access in kernel mode
kernel: #PF: error_code(0x0002) - not-present page
kernel: PGD 0 P4D 0
kernel: Oops: 0002 [#1] PREEMPT SMP
kernel: CPU: 4 PID: 2237 Comm: ping Not tainted 6.7.7+ #12
kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/20
Red Hat
kernel: scsi: qedi: Fix crash while reading debugfs attribute
vendor_redhat·2024-07-12·CVSS 7.1
CVE-2024-40978 [HIGH] CWE-822 kernel: scsi: qedi: Fix crash while reading debugfs attribute
kernel: scsi: qedi: Fix crash while reading debugfs attribute
In the Linux kernel, the following vulnerability has been resolved:
scsi: qedi: Fix crash while reading debugfs attribute
The qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly
on a __user pointer, which results into the crash.
To fix this issue, use a small local stack buffer for sprintf() and then
call simple_read_from_buffer(), which in turns make the copy_to_user()
call.
BUG: unable to handle page fault for address: 00007f4801111000
PGD 8000000864df6067 P4D 8000000864df6067 PUD 864df7067 PMD 846028067 PTE 0
Oops: 0002 [#1] PREEMPT SMP PTI
Hardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 06/15/2023
RIP: 0010:memcpy_orig+0xcd/0x130
RSP: 0018:ffffb7a18c3ffc40 EFLAGS: 00010202
RAX: 0000
Palo Alto
PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
vendor_paloalto·2024-02-22·CVSS 8.6
CVE-2024-23651 [HIGH] CWE-22 PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
The Palo Alto Networks Product Security Assurance team has evaluated the four vulnerabilities in Open Container Initiative's runc and Moby BuildKit software (collectively known as "Leaky Vessels") as it relates to our products. While Cortex XSOAR 8, Cortex XSOAR 6 Hosted, and Prisma Cloud Compute rely on this software, they do not offer any scenarios required for the successful
CVEs: CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653
Affected products: Cortex XSOAR, Prisma Cloud
Palo Alto
PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
vendor_paloalto·2024-02-22·CVSS 8.6
CVE-2024-23652 [HIGH] CWE-22 PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
The Palo Alto Networks Product Security Assurance team has evaluated the four vulnerabilities in Open Container Initiative's runc and Moby BuildKit software (collectively known as "Leaky Vessels") as it relates to our products. While Cortex XSOAR 8, Cortex XSOAR 6 Hosted, and Prisma Cloud Compute rely on this software, they do not offer any scenarios required for the successful
CVEs: CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653
Affected products: Cortex XSOAR, Prisma Cloud
Palo Alto
PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
vendor_paloalto·2024-02-22·CVSS 8.6
CVE-2024-23653 [HIGH] CWE-22 PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
The Palo Alto Networks Product Security Assurance team has evaluated the four vulnerabilities in Open Container Initiative's runc and Moby BuildKit software (collectively known as "Leaky Vessels") as it relates to our products. While Cortex XSOAR 8, Cortex XSOAR 6 Hosted, and Prisma Cloud Compute rely on this software, they do not offer any scenarios required for the successful
CVEs: CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653
Affected products: Cortex XSOAR, Prisma Cloud
VMware
VMware Aria Operations for Networks (Formerly vRealize Network Insight) updates address multiple vulnerabilities (CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241)
vendor_vmware·2024-02-06·CVSS 7.8
CVE-2024-22237 [HIGH] VMware Aria Operations for Networks (Formerly vRealize Network Insight) updates address multiple vulnerabilities (CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241)
VMSA-2024-0002: VMware Aria Operations for Networks (Formerly vRealize Network Insight) updates address multiple vulnerabilities (CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241)
Aria Operations for Networks contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8.
CVEs: CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241
Affected products: VMware Aria
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-09-23
Published