Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 03:10:51 +0000 303522d1-5358-42b2-a468-01e101312dce https://vulnerability.circl.lu/sighting/303522d1-5358-42b2-a468-01e101312dce/export {"uuid": "303522d1-5358-42b2-a468-01e101312dce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50072", "type": "seen", "source": "https://t.me/cvedetector/9237", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50072 - Linux Kernel x86 VERW Use-After-Free Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50072 \nPublished : Oct. 29, 2024, 1:15 a.m. | 38\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nx86/bugs: Use code segment selector for VERW operand \n \nRobert Gill reported below #GP in 32-bit mode when dosemu software was \nexecuting vm86() system call: \n \n general protection fault: 0000 [#1] PREEMPT SMP \n CPU: 4 PID: 4610 Comm: dosemu.bin Not tainted 6.6.21-gentoo-x86 #1 \n Hardware name: Dell Inc. PowerEdge 1950/0H723K, BIOS 2.7.0 10/30/2010 \n EIP: restore_all_switch_stack+0xbe/0xcf \n EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 00000000 \n ESI: 00000000 EDI: 00000000 EBP: 00000000 ESP: ff8affdc \n DS: 0000 ES: 0000 FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00010046 \n CR0: 80050033 CR2: 00c2101c CR3: 04b6d000 CR4: 000406d0 \n Call Trace: \n show_regs+0x70/0x78 \n die_addr+0x29/0x70 \n exc_general_protection+0x13c/0x348 \n exc_bounds+0x98/0x98 \n handle_exception+0x14d/0x14d \n exc_bounds+0x98/0x98 \n restore_all_switch_stack+0xbe/0xcf \n exc_bounds+0x98/0x98 \n restore_all_switch_stack+0xbe/0xcf \n \nThis only happens in 32-bit mode when VERW based mitigations like MDS/RFDS \nare enabled. This is because segment registers with an arbitrary user value \ncan result in #GP when executing VERW. Intel SDM vol. 2C documents the \nfollowing behavior for VERW instruction: \n \n #GP(0) - If a memory operand effective address is outside the CS, DS, ES, \n FS, or GS segment limit. \n \nCLEAR_CPU_BUFFERS macro executes VERW instruction before returning to user \nspace. Use %cs selector to reference VERW operand. This ensures VERW will \nnot #GP for an arbitrary user %ds. \n \n[ mingo: Fixed the SOB chain. ] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T03:03:14.000000Z"} {"uuid": "303522d1-5358-42b2-a468-01e101312dce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50072", "type": "seen", "source": "https://t.me/cvedetector/9237", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50072 - Linux Kernel x86 VERW Use-After-Free Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50072 \nPublished : Oct. 29, 2024, 1:15 a.m. | 38\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nx86/bugs: Use code segment selector for VERW operand \n \nRobert Gill reported below #GP in 32-bit mode when dosemu software was \nexecuting vm86() system call: \n \n general protection fault: 0000 [#1] PREEMPT SMP \n CPU: 4 PID: 4610 Comm: dosemu.bin Not tainted 6.6.21-gentoo-x86 #1 \n Hardware name: Dell Inc. PowerEdge 1950/0H723K, BIOS 2.7.0 10/30/2010 \n EIP: restore_all_switch_stack+0xbe/0xcf \n EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 00000000 \n ESI: 00000000 EDI: 00000000 EBP: 00000000 ESP: ff8affdc \n DS: 0000 ES: 0000 FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00010046 \n CR0: 80050033 CR2: 00c2101c CR3: 04b6d000 CR4: 000406d0 \n Call Trace: \n show_regs+0x70/0x78 \n die_addr+0x29/0x70 \n exc_general_protection+0x13c/0x348 \n exc_bounds+0x98/0x98 \n handle_exception+0x14d/0x14d \n exc_bounds+0x98/0x98 \n restore_all_switch_stack+0xbe/0xcf \n exc_bounds+0x98/0x98 \n restore_all_switch_stack+0xbe/0xcf \n \nThis only happens in 32-bit mode when VERW based mitigations like MDS/RFDS \nare enabled. This is because segment registers with an arbitrary user value \ncan result in #GP when executing VERW. Intel SDM vol. 2C documents the \nfollowing behavior for VERW instruction: \n \n #GP(0) - If a memory operand effective address is outside the CS, DS, ES, \n FS, or GS segment limit. \n \nCLEAR_CPU_BUFFERS macro executes VERW instruction before returning to user \nspace. Use %cs selector to reference VERW operand. This ensures VERW will \nnot #GP for an arbitrary user %ds. \n \n[ mingo: Fixed the SOB chain. ] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T03:03:14.000000Z"} https://vulnerability.circl.lu/sighting/303522d1-5358-42b2-a468-01e101312dce/export Tue, 29 Oct 2024 03:03:14 +0000