https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 04 Jun 2026 07:33:55 +0000 https://vulnerability.circl.lu/sighting/fb86c93b-b864-4ae0-9a13-c579339f53c2/export {"uuid": "fb86c93b-b864-4ae0-9a13-c579339f53c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50132", "type": "seen", "source": "https://t.me/cvedetector/9926", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50132 - Linux Kernel Tracing Probe Array Overflow Null Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50132 \nPublished : Nov. 5, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntracing/probes: Fix MAX_TRACE_ARGS limit handling \n \nWhen creating a trace_probe we would set nr_args prior to truncating the \narguments to MAX_TRACE_ARGS. However, we would only initialize arguments \nup to the limit. \n \nThis caused invalid memory access when attempting to set up probes with \nmore than 128 fetchargs. \n \n BUG: kernel NULL pointer dereference, address: 0000000000000020 \n #PF: supervisor read access in kernel mode \n #PF: error_code(0x0000) - not-present page \n PGD 0 P4D 0 \n Oops: Oops: 0000 [#1] PREEMPT SMP PTI \n CPU: 0 UID: 0 PID: 1769 Comm: cat Not tainted 6.11.0-rc7+ #8 \n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014 \n RIP: 0010:__set_print_fmt+0x134/0x330 \n \nResolve the issue by applying the MAX_TRACE_ARGS limit earlier. Return \nan error when there are too many arguments instead of silently \ntruncating. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T19:44:29.000000Z"} {"uuid": "fb86c93b-b864-4ae0-9a13-c579339f53c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50132", "type": "seen", "source": "https://t.me/cvedetector/9926", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50132 - Linux Kernel Tracing Probe Array Overflow Null Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50132 \nPublished : Nov. 5, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntracing/probes: Fix MAX_TRACE_ARGS limit handling \n \nWhen creating a trace_probe we would set nr_args prior to truncating the \narguments to MAX_TRACE_ARGS. However, we would only initialize arguments \nup to the limit. \n \nThis caused invalid memory access when attempting to set up probes with \nmore than 128 fetchargs. \n \n BUG: kernel NULL pointer dereference, address: 0000000000000020 \n #PF: supervisor read access in kernel mode \n #PF: error_code(0x0000) - not-present page \n PGD 0 P4D 0 \n Oops: Oops: 0000 [#1] PREEMPT SMP PTI \n CPU: 0 UID: 0 PID: 1769 Comm: cat Not tainted 6.11.0-rc7+ #8 \n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014 \n RIP: 0010:__set_print_fmt+0x134/0x330 \n \nResolve the issue by applying the MAX_TRACE_ARGS limit earlier. Return \nan error when there are too many arguments instead of silently \ntruncating. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T19:44:29.000000Z"} https://vulnerability.circl.lu/sighting/fb86c93b-b864-4ae0-9a13-c579339f53c2/export Tue, 05 Nov 2024 19:44:29 +0000 https://vulnerability.circl.lu/sighting/c0b98874-bdcd-4d86-905a-a2f7d2218bf2/export {"uuid": "c0b98874-bdcd-4d86-905a-a2f7d2218bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50131", "type": "seen", "source": "https://t.me/cvedetector/9929", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50131 - \"Linux Kernel Tracing Buffer Overflow Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-50131 \nPublished : Nov. 5, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntracing: Consider the NULL character when validating the event length \n \nstrlen() returns a string length excluding the null byte. If the string \nlength equals to the maximum buffer length, the buffer will have no \nspace for the NULL terminating character. \n \nThis commit checks this condition and returns failure for it. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T19:44:35.000000Z"} {"uuid": "c0b98874-bdcd-4d86-905a-a2f7d2218bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50131", "type": "seen", "source": "https://t.me/cvedetector/9929", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50131 - \"Linux Kernel Tracing Buffer Overflow Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-50131 \nPublished : Nov. 5, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntracing: Consider the NULL character when validating the event length \n \nstrlen() returns a string length excluding the null byte. If the string \nlength equals to the maximum buffer length, the buffer will have no \nspace for the NULL terminating character. \n \nThis commit checks this condition and returns failure for it. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T19:44:35.000000Z"} https://vulnerability.circl.lu/sighting/c0b98874-bdcd-4d86-905a-a2f7d2218bf2/export Tue, 05 Nov 2024 19:44:35 +0000 https://vulnerability.circl.lu/sighting/85bc6fc9-0555-433d-b8e5-41bc0bb0f2ef/export {"uuid": "85bc6fc9-0555-433d-b8e5-41bc0bb0f2ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50130", "type": "seen", "source": "https://t.me/cvedetector/9931", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50130 - Linux Netfilter BPF NetNamespace Reference Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50130 \nPublished : Nov. 5, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnetfilter: bpf: must hold reference on net namespace \n \nBUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 \nRead of size 8 at addr ffff8880106fe400 by task repro/72= \nbpf_nf_link_release+0xda/0x1e0 \nbpf_link_free+0x139/0x2d0 \nbpf_link_release+0x68/0x80 \n__fput+0x414/0xb60 \n \nEric says: \n It seems that bpf was able to defer the __nf_unregister_net_hook() \n after exit()/close() time. \n Perhaps a netns reference is missing, because the netns has been \n dismantled/freed already. \n bpf_nf_link_attach() does : \n link->net = net; \n But I do not see a reference being taken on net. \n \nAdd such a reference and release it after hook unreg. \nNote that I was unable to get syzbot reproducer to work, so I \ndo not know if this resolves this splat. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T19:44:36.000000Z"} {"uuid": "85bc6fc9-0555-433d-b8e5-41bc0bb0f2ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50130", "type": "seen", "source": "https://t.me/cvedetector/9931", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50130 - Linux Netfilter BPF NetNamespace Reference Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50130 \nPublished : Nov. 5, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnetfilter: bpf: must hold reference on net namespace \n \nBUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 \nRead of size 8 at addr ffff8880106fe400 by task repro/72= \nbpf_nf_link_release+0xda/0x1e0 \nbpf_link_free+0x139/0x2d0 \nbpf_link_release+0x68/0x80 \n__fput+0x414/0xb60 \n \nEric says: \n It seems that bpf was able to defer the __nf_unregister_net_hook() \n after exit()/close() time. \n Perhaps a netns reference is missing, because the netns has been \n dismantled/freed already. \n bpf_nf_link_attach() does : \n link->net = net; \n But I do not see a reference being taken on net. \n \nAdd such a reference and release it after hook unreg. \nNote that I was unable to get syzbot reproducer to work, so I \ndo not know if this resolves this splat. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T19:44:36.000000Z"} https://vulnerability.circl.lu/sighting/85bc6fc9-0555-433d-b8e5-41bc0bb0f2ef/export Tue, 05 Nov 2024 19:44:36 +0000 https://vulnerability.circl.lu/sighting/4101d1a0-1c5a-4027-88df-158c2f5b03b5/export {"uuid": "4101d1a0-1c5a-4027-88df-158c2f5b03b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50139", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113440984913066438", "content": "", "creation_timestamp": "2024-11-07T09:34:20.341916Z"} {"uuid": "4101d1a0-1c5a-4027-88df-158c2f5b03b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50139", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113440984913066438", "content": "", "creation_timestamp": "2024-11-07T09:34:20.341916Z"} https://vulnerability.circl.lu/sighting/4101d1a0-1c5a-4027-88df-158c2f5b03b5/export Thu, 07 Nov 2024 09:34:20 +0000 https://vulnerability.circl.lu/sighting/84343efd-c0fb-4d1f-a868-639f819dccaa/export {"uuid": "84343efd-c0fb-4d1f-a868-639f819dccaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50139", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113440996205884449", "content": "", "creation_timestamp": "2024-11-07T09:37:12.597733Z"} {"uuid": "84343efd-c0fb-4d1f-a868-639f819dccaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50139", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113440996205884449", "content": "", "creation_timestamp": "2024-11-07T09:37:12.597733Z"} https://vulnerability.circl.lu/sighting/84343efd-c0fb-4d1f-a868-639f819dccaa/export Thu, 07 Nov 2024 09:37:12 +0000 https://vulnerability.circl.lu/sighting/b3f2e3a1-d6d5-445d-b4b9-13751e380683/export {"uuid": "b3f2e3a1-d6d5-445d-b4b9-13751e380683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50130", "type": "seen", "source": "Telegram/z9UMiF2wbzIvuPNfjokOH3MfMP4l-JzMiQXGUG-ema-mlExO", "content": "", "creation_timestamp": "2025-03-08T04:34:10.000000Z"} {"uuid": "b3f2e3a1-d6d5-445d-b4b9-13751e380683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50130", "type": "seen", "source": "Telegram/z9UMiF2wbzIvuPNfjokOH3MfMP4l-JzMiQXGUG-ema-mlExO", "content": "", "creation_timestamp": "2025-03-08T04:34:10.000000Z"} https://vulnerability.circl.lu/sighting/b3f2e3a1-d6d5-445d-b4b9-13751e380683/export Sat, 08 Mar 2025 04:34:10 +0000 https://vulnerability.circl.lu/sighting/dd05c67a-b401-44de-b1b6-785251edd145/export {"uuid": "dd05c67a-b401-44de-b1b6-785251edd145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50137", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10683", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50137\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nreset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC\n\ndata->asserted will be NULL on JH7110 SoC since commit 82327b127d41\n(\"reset: starfive: Add StarFive JH7110 reset driver\") was added. Add\nthe judgment condition to avoid errors when calling reset_control_status\non JH7110 SoC.\n\ud83d\udccf Published: 2024-11-05T17:11:00.861Z\n\ud83d\udccf Modified: 2025-04-07T08:36:55.150Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/3918b2016d28c9b2bddd5ab194ab366a4e2310f5\n2. https://git.kernel.org/stable/c/c923f1fb8ae8627322d167b73bb4f978404a05de\n3. https://git.kernel.org/stable/c/2cf59663660799ce16f4dfbed97cdceac7a7fa11", "creation_timestamp": "2025-04-07T08:44:50.000000Z"} {"uuid": "dd05c67a-b401-44de-b1b6-785251edd145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50137", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10683", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50137\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nreset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC\n\ndata->asserted will be NULL on JH7110 SoC since commit 82327b127d41\n(\"reset: starfive: Add StarFive JH7110 reset driver\") was added. Add\nthe judgment condition to avoid errors when calling reset_control_status\non JH7110 SoC.\n\ud83d\udccf Published: 2024-11-05T17:11:00.861Z\n\ud83d\udccf Modified: 2025-04-07T08:36:55.150Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/3918b2016d28c9b2bddd5ab194ab366a4e2310f5\n2. https://git.kernel.org/stable/c/c923f1fb8ae8627322d167b73bb4f978404a05de\n3. https://git.kernel.org/stable/c/2cf59663660799ce16f4dfbed97cdceac7a7fa11", "creation_timestamp": "2025-04-07T08:44:50.000000Z"} https://vulnerability.circl.lu/sighting/dd05c67a-b401-44de-b1b6-785251edd145/export Mon, 07 Apr 2025 08:44:50 +0000 https://vulnerability.circl.lu/sighting/6c5a859e-b373-448a-b739-731dfb1935f5/export {"uuid": "6c5a859e-b373-448a-b739-731dfb1935f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-50135", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} {"uuid": "6c5a859e-b373-448a-b739-731dfb1935f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-50135", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} https://vulnerability.circl.lu/sighting/6c5a859e-b373-448a-b739-731dfb1935f5/export Wed, 03 Dec 2025 14:14:49 +0000 https://vulnerability.circl.lu/sighting/0ad8a557-84b4-468e-b495-eaeb62ea9556/export {"uuid": "0ad8a557-84b4-468e-b495-eaeb62ea9556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50135", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} {"uuid": "0ad8a557-84b4-468e-b495-eaeb62ea9556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50135", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/0ad8a557-84b4-468e-b495-eaeb62ea9556/export Thu, 19 Mar 2026 00:00:00 +0000 https://vulnerability.circl.lu/sighting/2e244b0f-5c37-46df-91e7-a20bcafa5d84/export {"uuid": "2e244b0f-5c37-46df-91e7-a20bcafa5d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50138", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} {"uuid": "2e244b0f-5c37-46df-91e7-a20bcafa5d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50138", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/2e244b0f-5c37-46df-91e7-a20bcafa5d84/export Thu, 19 Mar 2026 00:00:00 +0000