https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 06 May 2026 01:37:25 +0000 https://vulnerability.circl.lu/sighting/4ed81eda-94ab-4b8c-bb1a-44e1c2ebd6ad/export {"uuid": "4ed81eda-94ab-4b8c-bb1a-44e1c2ebd6ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49085", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-49085\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrbd: Fix five use after free bugs in get_initial_state\n\nIn get_initial_state, it calls notify_initial_state_done(skb,..) if\ncb->args[5]==1. If genlmsg_put() failed in notify_initial_state_done(),\nthe skb will be freed by nlmsg_free(skb).\nThen get_initial_state will goto out and the freed skb will be used by\nreturn value skb->len, which is a uaf bug.\n\nWhat's worse, the same problem goes even further: skb can also be\nfreed in the notify_*_state_change -> notify_*_state calls below.\nThus 4 additional uaf bugs happened.\n\nMy patch lets the problem callee functions: notify_initial_state_done\nand notify_*_state_change return an error code if errors happen.\nSo that the error codes could be propagated and the uaf bugs can be avoid.\n\nv2 reports a compilation warning. This v3 fixed this warning and built\nsuccessfully in my local environment with no additional warnings.\nv2: https://lore.kernel.org/patchwork/patch/1435218/\n\ud83d\udccf Published: 2025-02-26T01:54:43.579Z\n\ud83d\udccf Modified: 2025-02-27T18:02:29.848Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/0489700bfeb1e53eb2039c2291c67e71b0b40103\n2. https://git.kernel.org/stable/c/dcf6be17b5c53b741898d2223b23e66d682de300\n3. https://git.kernel.org/stable/c/188fe6b26765edbad4055611c0f788b6870f4024\n4. https://git.kernel.org/stable/c/b6a4055036eed1f5e239ce3d8b0db1ce38bba447\n5. https://git.kernel.org/stable/c/594205b4936771a250f9d141e7e0fff21c3dd2d9\n6. https://git.kernel.org/stable/c/a972c768723359ec995579902473028fe3cd64b1\n7. https://git.kernel.org/stable/c/de63e74da2333b4068bb79983e632db730fea97e\n8. https://git.kernel.org/stable/c/226e993c39405292781bfcf4b039a8db56aab362\n9. https://git.kernel.org/stable/c/aadb22ba2f656581b2f733deb3a467c48cc618f6", "creation_timestamp": "2025-02-27T18:27:11.000000Z"} {"uuid": "4ed81eda-94ab-4b8c-bb1a-44e1c2ebd6ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49085", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-49085\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrbd: Fix five use after free bugs in get_initial_state\n\nIn get_initial_state, it calls notify_initial_state_done(skb,..) if\ncb->args[5]==1. If genlmsg_put() failed in notify_initial_state_done(),\nthe skb will be freed by nlmsg_free(skb).\nThen get_initial_state will goto out and the freed skb will be used by\nreturn value skb->len, which is a uaf bug.\n\nWhat's worse, the same problem goes even further: skb can also be\nfreed in the notify_*_state_change -> notify_*_state calls below.\nThus 4 additional uaf bugs happened.\n\nMy patch lets the problem callee functions: notify_initial_state_done\nand notify_*_state_change return an error code if errors happen.\nSo that the error codes could be propagated and the uaf bugs can be avoid.\n\nv2 reports a compilation warning. This v3 fixed this warning and built\nsuccessfully in my local environment with no additional warnings.\nv2: https://lore.kernel.org/patchwork/patch/1435218/\n\ud83d\udccf Published: 2025-02-26T01:54:43.579Z\n\ud83d\udccf Modified: 2025-02-27T18:02:29.848Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/0489700bfeb1e53eb2039c2291c67e71b0b40103\n2. https://git.kernel.org/stable/c/dcf6be17b5c53b741898d2223b23e66d682de300\n3. https://git.kernel.org/stable/c/188fe6b26765edbad4055611c0f788b6870f4024\n4. https://git.kernel.org/stable/c/b6a4055036eed1f5e239ce3d8b0db1ce38bba447\n5. https://git.kernel.org/stable/c/594205b4936771a250f9d141e7e0fff21c3dd2d9\n6. https://git.kernel.org/stable/c/a972c768723359ec995579902473028fe3cd64b1\n7. https://git.kernel.org/stable/c/de63e74da2333b4068bb79983e632db730fea97e\n8. https://git.kernel.org/stable/c/226e993c39405292781bfcf4b039a8db56aab362\n9. https://git.kernel.org/stable/c/aadb22ba2f656581b2f733deb3a467c48cc618f6", "creation_timestamp": "2025-02-27T18:27:11.000000Z"} https://vulnerability.circl.lu/sighting/4ed81eda-94ab-4b8c-bb1a-44e1c2ebd6ad/export Thu, 27 Feb 2025 18:27:11 +0000