https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 27 May 2026 18:44:09 +0000 https://vulnerability.circl.lu/sighting/c8884148-c039-47a9-8306-211b55a34ea7/export {"uuid": "c8884148-c039-47a9-8306-211b55a34ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-47506", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16494", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-47506\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix use-after-free due to delegation race\n\nA delegation break could arrive as soon as we've called vfs_setlease. A\ndelegation break runs a callback which immediately (in\nnfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we\nthen exit nfs4_set_delegation without hashing the delegation, it will be\nfreed as soon as the callback is done with it, without ever being\nremoved from del_recall_lru.\n\nSymptoms show up later as use-after-free or list corruption warnings,\nusually in the laundromat thread.\n\nI suspect aba2072f4523 \"nfsd: grant read delegations to clients holding\nwrites\" made this bug easier to hit, but I looked as far back as v3.0\nand it looks to me it already had the same problem. So I'm not sure\nwhere the bug was introduced; it may have been there from the beginning.\n\ud83d\udccf Published: 2024-05-24T15:01:52.746Z\n\ud83d\udccf Modified: 2025-05-15T12:32:37.708Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/04a8d07f3d58308b92630045560799a3faa3ebce\n2. https://git.kernel.org/stable/c/348714018139c39533c55661a0c7c990671396b4\n3. https://git.kernel.org/stable/c/33645d3e22720cac1e4548f8fef57bf0649536ee\n4. https://git.kernel.org/stable/c/2becaa990b93cbd2928292c0b669d3abb6cf06d4\n5. https://git.kernel.org/stable/c/e0759696de6851d7536efddfdd2dfed4c4df1f09\n6. https://git.kernel.org/stable/c/eeb0711801f5e19ef654371b627682aed3b11373\n7. https://git.kernel.org/stable/c/148c816f10fd11df27ca6a9b3238cdd42fa72cd3\n8. https://git.kernel.org/stable/c/548ec0805c399c65ed66c6641be467f717833ab5", "creation_timestamp": "2025-05-15T13:33:41.000000Z"} {"uuid": "c8884148-c039-47a9-8306-211b55a34ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-47506", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16494", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-47506\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix use-after-free due to delegation race\n\nA delegation break could arrive as soon as we've called vfs_setlease. A\ndelegation break runs a callback which immediately (in\nnfsd4_cb_recall_prepare) adds the delegation to del_recall_lru. If we\nthen exit nfs4_set_delegation without hashing the delegation, it will be\nfreed as soon as the callback is done with it, without ever being\nremoved from del_recall_lru.\n\nSymptoms show up later as use-after-free or list corruption warnings,\nusually in the laundromat thread.\n\nI suspect aba2072f4523 \"nfsd: grant read delegations to clients holding\nwrites\" made this bug easier to hit, but I looked as far back as v3.0\nand it looks to me it already had the same problem. So I'm not sure\nwhere the bug was introduced; it may have been there from the beginning.\n\ud83d\udccf Published: 2024-05-24T15:01:52.746Z\n\ud83d\udccf Modified: 2025-05-15T12:32:37.708Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/04a8d07f3d58308b92630045560799a3faa3ebce\n2. https://git.kernel.org/stable/c/348714018139c39533c55661a0c7c990671396b4\n3. https://git.kernel.org/stable/c/33645d3e22720cac1e4548f8fef57bf0649536ee\n4. https://git.kernel.org/stable/c/2becaa990b93cbd2928292c0b669d3abb6cf06d4\n5. https://git.kernel.org/stable/c/e0759696de6851d7536efddfdd2dfed4c4df1f09\n6. https://git.kernel.org/stable/c/eeb0711801f5e19ef654371b627682aed3b11373\n7. https://git.kernel.org/stable/c/148c816f10fd11df27ca6a9b3238cdd42fa72cd3\n8. https://git.kernel.org/stable/c/548ec0805c399c65ed66c6641be467f717833ab5", "creation_timestamp": "2025-05-15T13:33:41.000000Z"} https://vulnerability.circl.lu/sighting/c8884148-c039-47a9-8306-211b55a34ea7/export Thu, 15 May 2025 13:33:41 +0000