| Article No° | Product Name | Affected Version(s) |
|---|---|---|
| TruControl installed on redpowerDirect | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruDiode | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruDisk | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruFiber | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruMicro 2000 | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruMicro 5000 | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruMicro 6000 | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruMicro 7000 | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruMicro 8000 | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruMicro 9000 | >=3.50.0 <= 4.00.0 B | |
| TruControl installed on TruPulse | >=3.50.0 <= 4.00.0 B |
TruControl laser control software from versions 3.50.0 to 4.00.0.B use Linux kernel versions affected by CVE-2024-1086. The affected kernel vulnerability could lead to local privilege escalation.
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
To be able to exploit this vulnerability the attacker first needs to gain any kind of user access to the system. When logged on to the system the privilege escalation vulnerability can be exploited with following possible impacts/damages to the system:
Safety is not affected since it is controlled by an independent electromechanical safety mechanism.
Remediation
CERT@VDE coordinated with TRUMPF SE