https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 27 May 2026 11:46:32 +0000 https://vulnerability.circl.lu/sighting/8aee140f-69a6-4766-ab48-d558b00a61a5/export {"uuid": "8aee140f-69a6-4766-ab48-d558b00a61a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-58009", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14761", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-58009\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.\n\ud83d\udccf Published: 2025-02-27T02:12:04.637Z\n\ud83d\udccf Modified: 2025-05-04T10:08:19.816Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/a9a7672fc1a0fe18502493936ccb06413ab89ea6\n2. https://git.kernel.org/stable/c/8e605f580a97530e5a3583beea458a3fa4cbefbd\n3. https://git.kernel.org/stable/c/cf601a24120c674cd7c907ea695f92617af6abd0\n4. https://git.kernel.org/stable/c/297ce7f544aa675b0d136d788cad0710cdfb0785\n5. https://git.kernel.org/stable/c/245d48c1ba3e7a1779c2f4cbc6f581ddc8a78e22\n6. https://git.kernel.org/stable/c/691218a50c3139f7f57ffa79fb89d932eda9571e\n7. https://git.kernel.org/stable/c/49c0d55d59662430f1829ae85b969619573d0fa1\n8. https://git.kernel.org/stable/c/5f397409f8ee5bc82901eeaf799e1cbc4f8edcf1", "creation_timestamp": "2025-05-04T10:17:59.000000Z"} {"uuid": "8aee140f-69a6-4766-ab48-d558b00a61a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-58009", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14761", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-58009\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.\n\ud83d\udccf Published: 2025-02-27T02:12:04.637Z\n\ud83d\udccf Modified: 2025-05-04T10:08:19.816Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/a9a7672fc1a0fe18502493936ccb06413ab89ea6\n2. https://git.kernel.org/stable/c/8e605f580a97530e5a3583beea458a3fa4cbefbd\n3. https://git.kernel.org/stable/c/cf601a24120c674cd7c907ea695f92617af6abd0\n4. https://git.kernel.org/stable/c/297ce7f544aa675b0d136d788cad0710cdfb0785\n5. https://git.kernel.org/stable/c/245d48c1ba3e7a1779c2f4cbc6f581ddc8a78e22\n6. https://git.kernel.org/stable/c/691218a50c3139f7f57ffa79fb89d932eda9571e\n7. https://git.kernel.org/stable/c/49c0d55d59662430f1829ae85b969619573d0fa1\n8. https://git.kernel.org/stable/c/5f397409f8ee5bc82901eeaf799e1cbc4f8edcf1", "creation_timestamp": "2025-05-04T10:17:59.000000Z"} https://vulnerability.circl.lu/sighting/8aee140f-69a6-4766-ab48-d558b00a61a5/export Sun, 04 May 2025 10:17:59 +0000