Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 07 May 2026 07:13:03 +0000 9661d1d4-a253-4473-9da9-df3a6753510e https://vulnerability.circl.lu/sighting/9661d1d4-a253-4473-9da9-df3a6753510e/export {"uuid": "9661d1d4-a253-4473-9da9-df3a6753510e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46796", "type": "seen", "source": "https://t.me/cvedetector/5928", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-46796 - Linux CIFS smb2_set_path_size Double Put Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-46796 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nsmb: client: fix double put of @cfile in smb2_set_path_size() \n \nIf smb2_compound_op() is called with a valid @cfile and returned \n-EINVAL, we need to call cifs_get_writable_path() before retrying it \nas the reference of @cfile was already dropped by previous call. \n \nThis fixes the following KASAN splat when running fstests generic/013 \nagainst Windows Server 2022: \n \n CIFS: Attempting to mount //w22-fs0/scratch \n run fstests generic/013 at 2024-09-02 19:48:59 \n ================================================================== \n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200 \n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176 \n \n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2 \n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 \n 04/01/2014 \n Workqueue: cifsoplockd cifs_oplock_break [cifs] \n Call Trace: \n \n dump_stack_lvl+0x5d/0x80 \n ? detach_if_pending+0xab/0x200 \n print_report+0x156/0x4d9 \n ? detach_if_pending+0xab/0x200 \n ? __virt_addr_valid+0x145/0x300 \n ? __phys_addr+0x46/0x90 \n ? detach_if_pending+0xab/0x200 \n kasan_report+0xda/0x110 \n ? detach_if_pending+0xab/0x200 \n detach_if_pending+0xab/0x200 \n timer_delete+0x96/0xe0 \n ? __pfx_timer_delete+0x10/0x10 \n ? rcu_is_watching+0x20/0x50 \n try_to_grab_pending+0x46/0x3b0 \n __cancel_work+0x89/0x1b0 \n ? __pfx___cancel_work+0x10/0x10 \n ? kasan_save_track+0x14/0x30 \n cifs_close_deferred_file+0x110/0x2c0 [cifs] \n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs] \n ? __pfx_down_read+0x10/0x10 \n cifs_oplock_break+0x4c1/0xa50 [cifs] \n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs] \n ? lock_is_held_type+0x85/0xf0 \n ? mark_held_locks+0x1a/0x90 \n process_one_work+0x4c6/0x9f0 \n ? find_held_lock+0x8a/0xa0 \n ? __pfx_process_one_work+0x10/0x10 \n ? lock_acquired+0x220/0x550 \n ? __list_add_valid_or_report+0x37/0x100 \n worker_thread+0x2e4/0x570 \n ? __kthread_parkme+0xd1/0xf0 \n ? __pfx_worker_thread+0x10/0x10 \n kthread+0x17f/0x1c0 \n ? kthread+0xda/0x1c0 \n ? __pfx_kthread+0x10/0x10 \n ret_from_fork+0x31/0x60 \n ? __pfx_kthread+0x10/0x10 \n ret_from_fork_asm+0x1a/0x30 \n \n \n Allocated by task 1118: \n kasan_save_stack+0x30/0x50 \n kasan_save_track+0x14/0x30 \n __kasan_kmalloc+0xaa/0xb0 \n cifs_new_fileinfo+0xc8/0x9d0 [cifs] \n cifs_atomic_open+0x467/0x770 [cifs] \n lookup_open.isra.0+0x665/0x8b0 \n path_openat+0x4c3/0x1380 \n do_filp_open+0x167/0x270 \n do_sys_openat2+0x129/0x160 \n __x64_sys_creat+0xad/0xe0 \n do_syscall_64+0xbb/0x1d0 \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \n \n Freed by task 83: \n kasan_save_stack+0x30/0x50 \n kasan_save_track+0x14/0x30 \n kasan_save_free_info+0x3b/0x70 \n poison_slab_object+0xe9/0x160 \n __kasan_slab_free+0x32/0x50 \n kfree+0xf2/0x300 \n process_one_work+0x4c6/0x9f0 \n worker_thread+0x2e4/0x570 \n kthread+0x17f/0x1c0 \n ret_from_fork+0x31/0x60 \n ret_from_fork_asm+0x1a/0x30 \n \n Last potentially related work creation: \n kasan_save_stack+0x30/0x50 \n __kasan_record_aux_stack+0xad/0xc0 \n insert_work+0x29/0xe0 \n __queue_work+0x5ea/0x760 \n queue_work_on+0x6d/0x90 \n _cifsFileInfo_put+0x3f6/0x770 [cifs] \n smb2_compound_op+0x911/0x3940 [cifs] \n smb2_set_path_size+0x228/0x270 [cifs] \n cifs_set_file_size+0x197/0x460 [cifs] \n cifs_setattr+0xd9c/0x14b0 [cifs] \n notify_change+0x4e3/0x740 \n do_truncate+0xfa/0x180 \n vfs_truncate+0x195/0x200 \n __x64_sys_truncate+0x109/0x150 \n do_syscall_64+0xbb/0x1d0 \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details[...]", "creation_timestamp": "2024-09-18T10:52:25.000000Z"} {"uuid": "9661d1d4-a253-4473-9da9-df3a6753510e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46796", "type": "seen", "source": "https://t.me/cvedetector/5928", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-46796 - Linux CIFS smb2_set_path_size Double Put Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-46796 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nsmb: client: fix double put of @cfile in smb2_set_path_size() \n \nIf smb2_compound_op() is called with a valid @cfile and returned \n-EINVAL, we need to call cifs_get_writable_path() before retrying it \nas the reference of @cfile was already dropped by previous call. \n \nThis fixes the following KASAN splat when running fstests generic/013 \nagainst Windows Server 2022: \n \n CIFS: Attempting to mount //w22-fs0/scratch \n run fstests generic/013 at 2024-09-02 19:48:59 \n ================================================================== \n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200 \n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176 \n \n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2 \n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 \n 04/01/2014 \n Workqueue: cifsoplockd cifs_oplock_break [cifs] \n Call Trace: \n \n dump_stack_lvl+0x5d/0x80 \n ? detach_if_pending+0xab/0x200 \n print_report+0x156/0x4d9 \n ? detach_if_pending+0xab/0x200 \n ? __virt_addr_valid+0x145/0x300 \n ? __phys_addr+0x46/0x90 \n ? detach_if_pending+0xab/0x200 \n kasan_report+0xda/0x110 \n ? detach_if_pending+0xab/0x200 \n detach_if_pending+0xab/0x200 \n timer_delete+0x96/0xe0 \n ? __pfx_timer_delete+0x10/0x10 \n ? rcu_is_watching+0x20/0x50 \n try_to_grab_pending+0x46/0x3b0 \n __cancel_work+0x89/0x1b0 \n ? __pfx___cancel_work+0x10/0x10 \n ? kasan_save_track+0x14/0x30 \n cifs_close_deferred_file+0x110/0x2c0 [cifs] \n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs] \n ? __pfx_down_read+0x10/0x10 \n cifs_oplock_break+0x4c1/0xa50 [cifs] \n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs] \n ? lock_is_held_type+0x85/0xf0 \n ? mark_held_locks+0x1a/0x90 \n process_one_work+0x4c6/0x9f0 \n ? find_held_lock+0x8a/0xa0 \n ? __pfx_process_one_work+0x10/0x10 \n ? lock_acquired+0x220/0x550 \n ? __list_add_valid_or_report+0x37/0x100 \n worker_thread+0x2e4/0x570 \n ? __kthread_parkme+0xd1/0xf0 \n ? __pfx_worker_thread+0x10/0x10 \n kthread+0x17f/0x1c0 \n ? kthread+0xda/0x1c0 \n ? __pfx_kthread+0x10/0x10 \n ret_from_fork+0x31/0x60 \n ? __pfx_kthread+0x10/0x10 \n ret_from_fork_asm+0x1a/0x30 \n \n \n Allocated by task 1118: \n kasan_save_stack+0x30/0x50 \n kasan_save_track+0x14/0x30 \n __kasan_kmalloc+0xaa/0xb0 \n cifs_new_fileinfo+0xc8/0x9d0 [cifs] \n cifs_atomic_open+0x467/0x770 [cifs] \n lookup_open.isra.0+0x665/0x8b0 \n path_openat+0x4c3/0x1380 \n do_filp_open+0x167/0x270 \n do_sys_openat2+0x129/0x160 \n __x64_sys_creat+0xad/0xe0 \n do_syscall_64+0xbb/0x1d0 \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \n \n Freed by task 83: \n kasan_save_stack+0x30/0x50 \n kasan_save_track+0x14/0x30 \n kasan_save_free_info+0x3b/0x70 \n poison_slab_object+0xe9/0x160 \n __kasan_slab_free+0x32/0x50 \n kfree+0xf2/0x300 \n process_one_work+0x4c6/0x9f0 \n worker_thread+0x2e4/0x570 \n kthread+0x17f/0x1c0 \n ret_from_fork+0x31/0x60 \n ret_from_fork_asm+0x1a/0x30 \n \n Last potentially related work creation: \n kasan_save_stack+0x30/0x50 \n __kasan_record_aux_stack+0xad/0xc0 \n insert_work+0x29/0xe0 \n __queue_work+0x5ea/0x760 \n queue_work_on+0x6d/0x90 \n _cifsFileInfo_put+0x3f6/0x770 [cifs] \n smb2_compound_op+0x911/0x3940 [cifs] \n smb2_set_path_size+0x228/0x270 [cifs] \n cifs_set_file_size+0x197/0x460 [cifs] \n cifs_setattr+0xd9c/0x14b0 [cifs] \n notify_change+0x4e3/0x740 \n do_truncate+0xfa/0x180 \n vfs_truncate+0x195/0x200 \n __x64_sys_truncate+0x109/0x150 \n do_syscall_64+0xbb/0x1d0 \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details[...]", "creation_timestamp": "2024-09-18T10:52:25.000000Z"} https://vulnerability.circl.lu/sighting/9661d1d4-a253-4473-9da9-df3a6753510e/export Wed, 18 Sep 2024 10:52:25 +0000