{"vulnerability": "CVE-2024-50298", "sightings": [{"uuid": "7a52532e-7e59-4b7b-944d-241e3ab1c98d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507538177346077", "content": "", "creation_timestamp": "2024-11-19T03:39:42.741032Z"}, {"uuid": "bb4fc5f2-ce1d-4c38-babf-5b411abb861e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://t.me/cvedetector/11425", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50298 - \"Enetc NULL Pointer Dereference Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-50298 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: enetc: allocate vf_state during PF probes  \n  \nIn the previous implementation, vf_state is allocated memory only when VF  \nis enabled. However, net_device_ops::ndo_set_vf_mac() may be called before  \nVF is enabled to configure the MAC address of VF. If this is the case,  \nenetc_pf_set_vf_mac() will access vf_state, resulting in access to a null  \npointer. The simplified error log is as follows.  \n  \nroot@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89  \n[  173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004  \n[  173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy  \n[  173.641973] lr : do_setlink+0x4a8/0xec8  \n[  173.732292] Call trace:  \n[  173.734740]  enetc_pf_set_vf_mac+0x3c/0x80  \n[  173.738847]  __rtnl_newlink+0x530/0x89c  \n[  173.742692]  rtnl_newlink+0x50/0x7c  \n[  173.746189]  rtnetlink_rcv_msg+0x128/0x390  \n[  173.750298]  netlink_rcv_skb+0x60/0x130  \n[  173.754145]  rtnetlink_rcv+0x18/0x24  \n[  173.757731]  netlink_unicast+0x318/0x380  \n[  173.761665]  netlink_sendmsg+0x17c/0x3c8 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:05.000000Z"}, {"uuid": "6813061c-7bb5-466c-b02d-7a1189df73cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "ecf092d1-2d7d-40e7-9d02-293f571f61ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}]}