CVE-2024-6504
published 2024-07-18CVE-2024-6504: Rapid7 InsightVM Console versions below 6.6.260 suffer from a protection mechanism failure whereby an attacker with network access to the InsightVM Console can…
PriorityP429medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
EPSS
0.32%
23.3th percentile
Rapid7 InsightVM Console versions below 6.6.260 suffer from a protection mechanism failure whereby an attacker with network access to the InsightVM Console can cause it to overload or crash by sending repeated invalid REST requests in a short timeframe, to the Console's port 443 causing the console to enter an exception handling logging loop, exhausting the CPU. There is no indication that an attacker can use this method to escalate privilege, acquire unauthorized access to data, or gain control of protected resources. This issue is fixed in version 6.6.261.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rapid7 | insightvm | < 6.6.261 | 6.6.261 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-659h-c7mc-5hrw: Rapid7 InsightVM Console versions below 6
ghsa_unreviewed·2024-07-18
CVE-2024-6504 [MEDIUM] CWE-693 GHSA-659h-c7mc-5hrw: Rapid7 InsightVM Console versions below 6
Rapid7 InsightVM Console versions below 6.6.260 suffer from a protection mechanism failure whereby an attacker with network access to the InsightVM Console can cause it to overload or crash by sending repeated invalid REST requests in a short timeframe, to the Console's port 443 causing the console to enter an exception handling logging loop, exhausting the CPU. There is no indication that an attacker can use this method to escalate privilege, acquire unauthorized access to data, or gain control of protected resources. This issue is fixed in version 6.6.261.
Red Hat
kernel: media: xc2028: avoid use-after-free in load_firmware_cb()
vendor_redhat·2024-08-26·CVSS 7.8
CVE-2024-43900 [HIGH] CWE-416 kernel: media: xc2028: avoid use-after-free in load_firmware_cb()
kernel: media: xc2028: avoid use-after-free in load_firmware_cb()
In the Linux kernel, the following vulnerability has been resolved:
media: xc2028: avoid use-after-free in load_firmware_cb()
syzkaller reported use-after-free in load_firmware_cb() [1].
The reason is because the module allocated a struct tuner in tuner_probe(),
and then the module initialization failed, the struct tuner was released.
A worker which created during module initialization accesses this struct
tuner later, it caused use-after-free.
The process is as follows:
task-6504 worker_thread
tuner_probe ffff8000d7ca2300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
^
ffff8000d7ca2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff8000d7ca2400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[2]
Actually, it is a
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-07-18
Published