https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-27T21:52:17.151098+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/e73ad30a-1771-468b-8104-b7e18c7d7834/exporte73ad30a-1771-468b-8104-b7e18c7d78342026-05-27T21:52:17.545421+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "e73ad30a-1771-468b-8104-b7e18c7d7834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57890", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrtyqeeic2r", "content": "", "creation_timestamp": "2025-01-15T13:16:48.529608Z"}2025-01-15T13:16:48.529608+00:00https://vulnerability.circl.lu/sighting/0ef9b03f-b59a-465c-91cf-38292c42bbbe/export0ef9b03f-b59a-465c-91cf-38292c42bbbe2026-05-27T21:52:17.545275+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "0ef9b03f-b59a-465c-91cf-38292c42bbbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57890", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1756", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57890\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/uverbs: Prevent integer overflow issue\n\nIn the expression \"cmd.wqe_size * cmd.wr_count\", both variables are u32\nvalues that come from the user so the multiplication can lead to integer\nwrapping. Then we pass the result to uverbs_request_next_ptr() which also\ncould potentially wrap. The \"cmd.sge_count * sizeof(struct ib_uverbs_sge)\"\nmultiplication can also overflow on 32bit systems although it's fine on\n64bit systems.\n\nThis patch does two things. First, I've re-arranged the condition in\nuverbs_request_next_ptr() so that the use controlled variable \"len\" is on\none side of the comparison by itself without any math. Then I've modified\nall the callers to use size_mul() for the multiplications.\n\ud83d\udccf Published: 2025-01-15T13:05:42.690Z\n\ud83d\udccf Modified: 2025-01-15T13:05:42.690Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/c57721b24bd897338a81a0ca5fff41600f0f1ad1\n2. https://git.kernel.org/stable/c/42a6eb4ed7a9a41ba0b83eb0c7e0225b5fca5608\n3. https://git.kernel.org/stable/c/c2f961c46ea0e5274c5c320d007c2dd949cf627a\n4. https://git.kernel.org/stable/c/346db03e9926ab7117ed9bf19665699c037c773c\n5. https://git.kernel.org/stable/c/b92667f755749cf10d9ef1088865c555ae83ffb7\n6. https://git.kernel.org/stable/c/b3ef4ae713360501182695dd47d6b4f6e1a43eb8\n7. https://git.kernel.org/stable/c/d0257e089d1bbd35c69b6c97ff73e3690ab149a9", "creation_timestamp": "2025-01-15T14:26:39.000000Z"}2025-01-15T14:26:39+00:00https://vulnerability.circl.lu/sighting/09cfc369-f77a-453e-b2fc-a46863638bee/export09cfc369-f77a-453e-b2fc-a46863638bee2026-05-27T21:52:17.542771+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "09cfc369-f77a-453e-b2fc-a46863638bee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57890", "type": "seen", "source": "https://t.me/cvedetector/15457", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57890 - Linux Kernel RDMA/uverbs Integer Overflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-57890 \nPublished : Jan. 15, 2025, 1:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nRDMA/uverbs: Prevent integer overflow issue \n \nIn the expression \"cmd.wqe_size * cmd.wr_count\", both variables are u32 \nvalues that come from the user so the multiplication can lead to integer \nwrapping. Then we pass the result to uverbs_request_next_ptr() which also \ncould potentially wrap. The \"cmd.sge_count * sizeof(struct ib_uverbs_sge)\" \nmultiplication can also overflow on 32bit systems although it's fine on \n64bit systems. \n \nThis patch does two things. First, I've re-arranged the condition in \nuverbs_request_next_ptr() so that the use controlled variable \"len\" is on \none side of the comparison by itself without any math. Then I've modified \nall the callers to use size_mul() for the multiplications. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T15:07:04.000000Z"}2025-01-15T15:07:04+00:00