{"vulnerability": "CVE-2024-53066", "sightings": [{"uuid": "433e08f9-75d4-48dc-8cf1-4c8072691925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53066", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "28edd734-672f-4de6-be7c-a02a8c15ab3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53066", "type": "seen", "source": "https://t.me/cvedetector/11493", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53066 - Linux NFS decode_getfattr_attrs Uninitialized Memory Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-53066 \nPublished : Nov. 19, 2024, 6:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnfs: Fix KMSAN warning in decode_getfattr_attrs()  \n  \nFix the following KMSAN warning:  \n  \nCPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G    B  \nTainted: [B]=BAD_PAGE  \nHardware name: QEMU Standard PC (Q35 + ICH9, 2009)  \n=====================================================  \n=====================================================  \nBUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90  \n decode_getfattr_attrs+0x2d6d/0x2f90  \n decode_getfattr_generic+0x806/0xb00  \n nfs4_xdr_dec_getattr+0x1de/0x240  \n rpcauth_unwrap_resp_decode+0xab/0x100  \n rpcauth_unwrap_resp+0x95/0xc0  \n call_decode+0x4ff/0xb50  \n __rpc_execute+0x57b/0x19d0  \n rpc_execute+0x368/0x5e0  \n rpc_run_task+0xcfe/0xee0  \n nfs4_proc_getattr+0x5b5/0x990  \n __nfs_revalidate_inode+0x477/0xd00  \n nfs_access_get_cached+0x1021/0x1cc0  \n nfs_do_access+0x9f/0xae0  \n nfs_permission+0x1e4/0x8c0  \n inode_permission+0x356/0x6c0  \n link_path_walk+0x958/0x1330  \n 
path_lookupat+0xce/0x6b0  \n filename_lookup+0x23e/0x770  \n vfs_statx+0xe7/0x970  \n vfs_fstatat+0x1f2/0x2c0  \n __se_sys_newfstatat+0x67/0x880  \n __x64_sys_newfstatat+0xbd/0x120  \n x64_sys_call+0x1826/0x3cf0  \n do_syscall_64+0xd0/0x1b0  \n entry_SYSCALL_64_after_hwframe+0x77/0x7f  \n  \nThe KMSAN warning is triggered in decode_getfattr_attrs(), when calling  \ndecode_attr_mdsthreshold(). It appears that fattr->mdsthreshold is not  \ninitialized.  \n  \nFix the issue by initializing fattr->mdsthreshold to NULL in  \nnfs_fattr_init(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T20:09:55.000000Z"}]}