Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 05 Jun 2026 21:38:59 +0000 12c84ba8-5366-4ef2-af1d-c5eddf18f3fc https://vulnerability.circl.lu/sighting/12c84ba8-5366-4ef2-af1d-c5eddf18f3fc/export {"uuid": "12c84ba8-5366-4ef2-af1d-c5eddf18f3fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57929", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3siwm4kr2s", "content": "", "creation_timestamp": "2025-01-19T12:16:42.193514Z"} {"uuid": "12c84ba8-5366-4ef2-af1d-c5eddf18f3fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57929", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3siwm4kr2s", "content": "", "creation_timestamp": "2025-01-19T12:16:42.193514Z"} https://vulnerability.circl.lu/sighting/12c84ba8-5366-4ef2-af1d-c5eddf18f3fc/export Sun, 19 Jan 2025 12:16:42 +0000 0aa2c6ad-feaf-43b6-b142-85de34064dff https://vulnerability.circl.lu/sighting/0aa2c6ad-feaf-43b6-b142-85de34064dff/export {"uuid": "0aa2c6ad-feaf-43b6-b142-85de34064dff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57929", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/15844", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57929 - Linux Device-Mapper Array Buffer\u00edo Buffer Overwrite\", \n \"Content\": \"CVE ID : CVE-2024-57929 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndm array: fix releasing a faulty array block twice in dm_array_cursor_end \n \nWhen dm_bm_read_lock() fails due to locking or checksum errors, it \nreleases the faulty block implicitly while leaving an invalid output \npointer behind. The caller of dm_bm_read_lock() should not operate on \nthis invalid dm_block pointer, or it will lead to undefined result. \nFor example, the dm_array_cursor incorrectly caches the invalid pointer \non reading a faulty array block, causing a double release in \ndm_array_cursor_end(), then hitting the BUG_ON in dm-bufio cache_put(). \n \nReproduce steps: \n \n1. initialize a cache device \n \ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\" \ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\" \ndmsetup create corig --table \"0 524288 linear /dev/sdc $262144\" \ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 \ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\ \n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\" \n \n2. wipe the second array block offline \n \ndmsteup remove cache cmeta cdata corig \nmapping_root=$(dd if=/dev/sdc bs=1c count=8 skip=192 \\ \n2>/dev/null | hexdump -e '1/8 \"%u\\n\"') \nablock=$(dd if=/dev/sdc bs=1c count=8 skip=$((4096*mapping_root+2056)) \\ \n2>/dev/null | hexdump -e '1/8 \"%u\\n\"') \ndd if=/dev/zero of=/dev/sdc bs=4k count=1 seek=$ablock \n \n3. try reopen the cache device \n \ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\" \ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\" \ndmsetup create corig --table \"0 524288 linear /dev/sdc $262144\" \ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\ \n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\" \n \nKernel logs: \n \n(snip) \ndevice-mapper: array: array_block_check failed: blocknr 0 != wanted 10 \ndevice-mapper: block manager: array validator check failed for block 10 \ndevice-mapper: array: get_ablock failed \ndevice-mapper: cache metadata: dm_array_cursor_next for mapping failed \n------------[ cut here ]------------ \nkernel BUG at drivers/md/dm-bufio.c:638! \n \nFix by setting the cached block pointer to NULL on errors. \n \nIn addition to the reproducer described above, this fix can be \nverified using the \"array_cursor/damaged\" test in dm-unit: \n dm-unit run /pdata/array_cursor/damaged --kernel-dir \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:16.000000Z"} {"uuid": "0aa2c6ad-feaf-43b6-b142-85de34064dff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57929", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/15844", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57929 - Linux Device-Mapper Array Buffer\u00edo Buffer Overwrite\", \n \"Content\": \"CVE ID : CVE-2024-57929 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndm array: fix releasing a faulty array block twice in dm_array_cursor_end \n \nWhen dm_bm_read_lock() fails due to locking or checksum errors, it \nreleases the faulty block implicitly while leaving an invalid output \npointer behind. The caller of dm_bm_read_lock() should not operate on \nthis invalid dm_block pointer, or it will lead to undefined result. \nFor example, the dm_array_cursor incorrectly caches the invalid pointer \non reading a faulty array block, causing a double release in \ndm_array_cursor_end(), then hitting the BUG_ON in dm-bufio cache_put(). \n \nReproduce steps: \n \n1. initialize a cache device \n \ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\" \ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\" \ndmsetup create corig --table \"0 524288 linear /dev/sdc $262144\" \ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 \ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\ \n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\" \n \n2. wipe the second array block offline \n \ndmsteup remove cache cmeta cdata corig \nmapping_root=$(dd if=/dev/sdc bs=1c count=8 skip=192 \\ \n2>/dev/null | hexdump -e '1/8 \"%u\\n\"') \nablock=$(dd if=/dev/sdc bs=1c count=8 skip=$((4096*mapping_root+2056)) \\ \n2>/dev/null | hexdump -e '1/8 \"%u\\n\"') \ndd if=/dev/zero of=/dev/sdc bs=4k count=1 seek=$ablock \n \n3. try reopen the cache device \n \ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\" \ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\" \ndmsetup create corig --table \"0 524288 linear /dev/sdc $262144\" \ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\ \n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\" \n \nKernel logs: \n \n(snip) \ndevice-mapper: array: array_block_check failed: blocknr 0 != wanted 10 \ndevice-mapper: block manager: array validator check failed for block 10 \ndevice-mapper: array: get_ablock failed \ndevice-mapper: cache metadata: dm_array_cursor_next for mapping failed \n------------[ cut here ]------------ \nkernel BUG at drivers/md/dm-bufio.c:638! \n \nFix by setting the cached block pointer to NULL on errors. \n \nIn addition to the reproducer described above, this fix can be \nverified using the \"array_cursor/damaged\" test in dm-unit: \n dm-unit run /pdata/array_cursor/damaged --kernel-dir \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:16.000000Z"} https://vulnerability.circl.lu/sighting/0aa2c6ad-feaf-43b6-b142-85de34064dff/export Sun, 19 Jan 2025 13:58:16 +0000