{"vulnerability": "cve-2024-4099", "sightings": [{"uuid": "0848c4c5-3756-434e-9841-86531c2f3e29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40990", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "d735f827-7a8c-46e8-9540-a29bca885a48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40995", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "8d56b26b-9534-4181-9e38-ef2606200d96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40998", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "ead0e872-f04b-46d6-9edc-bf6cf17d547c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40999", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "07b89cff-05c9-4e24-b391-9ceae4187f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-40999", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "d94175aa-1ed1-4fde-aeff-c8219351bf37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-40998", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "aeeeaab0-1f15-4789-a467-4c415da0cb59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-40990", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "db7cd2a5-ad31-42e4-b8b1-cceec68afecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40998", "type": "seen", "source": "https://t.me/cvedetector/740", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-40998 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-40998 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \next4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() \n \nIn the following concurrency we will access the uninitialized rs->lock: \n \next4_fill_super \n ext4_register_sysfs \n // sysfs registered msg_ratelimit_interval_ms \n // Other processes modify rs->interval to \n // non-zero via msg_ratelimit_interval_ms \n ext4_orphan_cleanup \n ext4_msg(sb, KERN_INFO, \"Errors on filesystem, \" \n __ext4_msg \n ___ratelimit(&(EXT4_SB(sb)->s_msg_ratelimit_state) \n if (!rs->interval) // do nothing if interval is 0 \n return 1; \n raw_spin_trylock_irqsave(&rs->lock, flags) \n raw_spin_trylock(lock) \n _raw_spin_trylock \n __raw_spin_trylock \n spin_acquire(&lock->dep_map, 0, 1, _RET_IP_) \n lock_acquire \n __lock_acquire \n register_lock_class \n assign_lock_key \n dump_stack(); \n ratelimit_state_init(&sbi->s_msg_ratelimit_state, 5 * HZ, 10); \n raw_spin_lock_init(&rs->lock); \n // init rs->lock here \n \nand get the following dump_stack: \n \n========================================================= \nINFO: trying to register non-static key. \nThe code is fine but needs lockdep annotation, or maybe \nyou didn't initialize this object before use? \nturning off the locking correctness validator. \nCPU: 12 PID: 753 Comm: mount Tainted: G E 6.7.0-rc6-next-20231222 #504 \n[...] \nCall Trace: \n dump_stack_lvl+0xc5/0x170 \n dump_stack+0x18/0x30 \n register_lock_class+0x740/0x7c0 \n __lock_acquire+0x69/0x13a0 \n lock_acquire+0x120/0x450 \n _raw_spin_trylock+0x98/0xd0 \n ___ratelimit+0xf6/0x220 \n __ext4_msg+0x7f/0x160 [ext4] \n ext4_orphan_cleanup+0x665/0x740 [ext4] \n __ext4_fill_super+0x21ea/0x2b10 [ext4] \n ext4_fill_super+0x14d/0x360 [ext4] \n[...] \n========================================================= \n \nNormally interval is 0 until s_msg_ratelimit_state is initialized, so \n___ratelimit() does nothing. But registering sysfs precedes initializing \nrs->lock, so it is possible to change rs->interval to a non-zero value \nvia the msg_ratelimit_interval_ms interface of sysfs while rs->lock is \nuninitialized, and then a call to ext4_msg triggers the problem by \naccessing an uninitialized rs->lock. Therefore register sysfs after all \ninitializations are complete to avoid such problems. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:55.000000Z"}, {"uuid": "4bb10ef6-ccc4-4f3d-8cca-41ff5c05e013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40992", "type": "seen", "source": "https://t.me/cvedetector/737", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-40992 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-40992 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nRDMA/rxe: Fix responder length checking for UD request packets \n \nAccording to the IBA specification: \nIf a UD request packet is detected with an invalid length, the request \nshall be an invalid request and it shall be silently dropped by \nthe responder. The responder then waits for a new request packet. \n \ncommit 689c5421bfe0 (\"RDMA/rxe: Fix incorrect responder length checking\") \ndefers responder length check for UD QPs in function `copy_data`. \nBut it introduces a regression issue for UD QPs. \n \nWhen the packet size is too large to fit in the receive buffer. \n`copy_data` will return error code -EINVAL. Then `send_data_in` \nwill return RESPST_ERR_MALFORMED_WQE. UD QP will transfer into \nERROR state. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:14.000000Z"}, {"uuid": "4c9a2c8f-5f25-4232-b441-673ebe5a6007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40990", "type": "seen", "source": "https://t.me/cvedetector/739", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-40990 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-40990 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nRDMA/mlx5: Add check for srq max_sge attribute \n \nmax_sge attribute is passed by the user, and is inserted and used \nunchecked, so verify that the value doesn't exceed maximum allowed value \nbefore using it. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:54.000000Z"}, {"uuid": "c078f66d-543f-49d7-adba-cc893517e1bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40999", "type": "seen", "source": "https://t.me/cvedetector/738", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-40999 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-40999 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: ena: Add validation for completion descriptors consistency \n \nValidate that `first` flag is set only for the first \ndescriptor in multi-buffer packets. \nIn case of an invalid descriptor, a reset will occur. \nA new reset reason for RX data corruption has been added. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:15.000000Z"}, {"uuid": "ffa65ed3-e599-4fe4-8ba3-eba17f1ef0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40994", "type": "seen", "source": "https://t.me/cvedetector/735", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-40994 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-40994 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nptp: fix integer overflow in max_vclocks_store \n \nOn 32bit systems, the \"4 * max\" multiply can overflow. Use kcalloc() \nto do the allocation to prevent this. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:12.000000Z"}, {"uuid": "7e351769-8319-487a-a446-96e5c5a4fa5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4099", "type": "seen", "source": "https://t.me/cvedetector/6471", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-4099 - \"GitLab EE AI Feature Unsanitized Content Vulnerability (Prompt Injection)\"\", \n \"Content\": \"CVE ID : CVE-2024-4099 \nPublished : Sept. 26, 2024, 11:15 p.m. | 40\u00a0minutes ago \nDescription : An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. An AI feature was found to read unsanitized content in a way that could have allowed an attacker to hide prompt injection. \nSeverity: 3.1 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T02:22:25.000000Z"}, {"uuid": "119c6fc3-79f7-465f-aaae-f296a7c2c9d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40991", "type": "seen", "source": "https://t.me/cvedetector/730", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-40991 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-40991 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndmaengine: ti: k3-udma-glue: Fix of_k3_udma_glue_parse_chn_by_id() \n \nThe of_k3_udma_glue_parse_chn_by_id() helper function erroneously \ninvokes \"of_node_put()\" on the \"udmax_np\" device-node passed to it, \nwithout having incremented its reference count at any point. Fix it. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:04.000000Z"}, {"uuid": "d88f20dd-284f-4724-b7e4-6926a4692e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40993", "type": "seen", "source": "https://t.me/cvedetector/729", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-40993 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-40993 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnetfilter: ipset: Fix suspicious rcu_dereference_protected() \n \nWhen destroying all sets, we are either in pernet exit phase or \nare executing a \"destroy all sets command\" from userspace. The latter \nwas taken into account in ip_set_dereference() (nfnetlink mutex is held), \nbut the former was not. The patch adds the required check to \nrcu_dereference_protected() in ip_set_dereference(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:03.000000Z"}, {"uuid": "366387a1-e7b4-4bc9-9bd2-688d0c2df483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40995", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/731", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-40995 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-40995 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() \n \nsyzbot found hanging tasks waiting on rtnl_lock [1] \n \nA reproducer is available in the syzbot bug. \n \nWhen a request to add multiple actions with the same index is sent, the \nsecond request will block forever on the first request. This holds \nrtnl_lock, and causes tasks to hang. \n \nReturn -EAGAIN to prevent infinite looping, while keeping documented \nbehavior. \n \n[1] \n \nINFO: task kworker/1:0:5088 blocked for more than 143 seconds. \nNot tainted 6.9.0-rc4-syzkaller-00173-g3cdb45594619 #0 \n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message. \ntask:kworker/1:0 state:D stack:23744 pid:5088 tgid:5088 ppid:2 flags:0x00004000 \nWorkqueue: events_power_efficient reg_check_chans_work \nCall Trace: \n \ncontext_switch kernel/sched/core.c:5409 [inline] \n__schedule+0xf15/0x5d00 kernel/sched/core.c:6746 \n__schedule_loop kernel/sched/core.c:6823 [inline] \nschedule+0xe7/0x350 kernel/sched/core.c:6838 \nschedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6895 \n__mutex_lock_common kernel/locking/mutex.c:684 [inline] \n__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752 \nwiphy_lock include/net/cfg80211.h:5953 [inline] \nreg_leave_invalid_chans net/wireless/reg.c:2466 [inline] \nreg_check_chans_work+0x10a/0x10e0 net/wireless/reg.c:2481 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"12 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:05:05.000000Z"}]}