{"vulnerability": "cve-2024-4101", "sightings": [{"uuid": "bfa7187d-8d6d-4fb3-b917-459e5940168a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41013", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "3c3b98e8-3542-44f3-970c-97fd098de7cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4101", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhult35rhy22", "content": "", "creation_timestamp": "2025-02-11T02:18:51.170520Z"}, {"uuid": "7a85905c-ee69-4cb2-9015-abca30013deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41012", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "b0bd272a-3e4b-4551-93ee-bdac4bd34ec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41015", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "ea9c7e8d-ae1c-40c2-ace0-1a50094dfa82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41017", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "690a0553-8dd2-49ee-bd91-27371e0aea0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41014", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "2f6a5d28-80d8-4232-acbc-477efc4f506f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41014", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/1825", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41014 - Linux Kernel XFS Out-of-Bounds Read Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-41014 \nPublished : July 29, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nxfs: add bounds checking to xlog_recover_process_data \n \nThere is a lack of verification of the space occupied by fixed members \nof xlog_op_header in the xlog_recover_process_data. \n \nWe can create a crafted image to trigger an out of bounds read by \nfollowing these steps: \n 1) Mount an image of xfs, and do some file operations to leave records \n 2) Before umounting, copy the image for subsequent steps to simulate \n abnormal exit. Because umount will ensure that tail_blk and \n head_blk are the same, which will result in the inability to enter \n xlog_recover_process_data \n 3) Write a tool to parse and modify the copied image in step 2 \n 4) Make the end of the xlog_op_header entries only 1 byte away from \n xlog_rec_header->h_size \n 5) xlog_rec_header->h_num_logops++ \n 6) Modify xlog_rec_header->h_crc \n \nFix: \nAdd a check to make sure there is sufficient space to access fixed members \nof xlog_op_header. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T09:36:20.000000Z"}, {"uuid": "ee636613-4b1f-4513-b733-dade4d4ba89d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-41014", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "79f4d00d-9a78-4547-a1d3-308f36b72eb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41014", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "5660618c-139c-4001-8b7e-5c74eb00a841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41013", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19692", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41013\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: don't walk off the end of a directory data block\n\nThis adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry\nto make sure don't stray beyond valid memory region. Before patching, the\nloop simply checks that the start offset of the dup and dep is within the\nrange. So in a crafted image, if last entry is xfs_dir2_data_unused, we\ncan change dup->length to dup->length-1 and leave 1 byte of space. In the\nnext traversal, this space will be considered as dup or dep. We may\nencounter an out of bound read when accessing the fixed members.\n\nIn the patch, we make sure that the remaining bytes large enough to hold\nan unused entry before accessing xfs_dir2_data_unused and\nxfs_dir2_data_unused is XFS_DIR2_DATA_ALIGN byte aligned. We also make\nsure that the remaining bytes large enough to hold a dirent with a\nsingle-byte name before accessing xfs_dir2_data_entry.\n\ud83d\udccf Published: 2024-07-29T06:36:59.930Z\n\ud83d\udccf Modified: 2025-06-27T10:21:10.897Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b0932e4f9da85349d1c8f2a77d2a7a7163b8511d\n2. https://git.kernel.org/stable/c/ca96d83c93071f95cf962ce92406621a472df31b\n3. https://git.kernel.org/stable/c/0c7fcdb6d06cdf8b19b57c17605215b06afa864a", "creation_timestamp": "2025-06-27T10:49:57.000000Z"}, {"uuid": "de0ac019-0ad9-4f47-9a8a-78e02ddb9c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-41013", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "c6120d1a-1418-48b5-944a-e7ec5fb17332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41014", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "b90326d3-e5f1-4723-a7a6-21fb9f455d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41012", "type": "seen", "source": "https://t.me/cvedetector/1498", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41012 - In the Linux kernel, the following vulnerability h\", \n \"Content\": \"CVE ID : CVE-2024-41012 \nPublished : July 23, 2024, 8:15 a.m. | 15\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nfilelock: Remove locks reliably when fcntl/close race is detected \n \nWhen fcntl_setlk() races with close(), it removes the created lock with \ndo_lock_file_wait(). \nHowever, LSMs can allow the first do_lock_file_wait() that created the lock \nwhile denying the second do_lock_file_wait() that tries to remove the lock. \nSeparately, posix_lock_file() could also fail to \nremove a lock due to GFP_KERNEL allocation failure (when splitting a range \nin the middle). \n \nAfter the bug has been triggered, use-after-free reads will occur in \nlock_get_status() when userspace reads /proc/locks. This can likely be used \nto read arbitrary kernel memory, but can't corrupt kernel memory. \n \nFix it by calling locks_remove_posix() instead, which is designed to \nreliably get rid of POSIX locks associated with the given file and \nfiles_struct and is also used by filp_flush(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-23T10:32:59.000000Z"}, {"uuid": "460254ac-3ef0-4338-9c91-0787cad9f7f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41016", "type": "seen", "source": "https://t.me/cvedetector/1823", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41016 - \"Open Connectivity File System (OCFS2) Memory Corruption Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-41016 \nPublished : July 29, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() \n \nxattr in ocfs2 maybe 'non-indexed', which saved with additional space \nrequested. It's better to check if the memory is out of bound before \nmemcmp, although this possibility mainly comes from crafted poisonous \nimages. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T09:36:16.000000Z"}, {"uuid": "1e484a73-a418-429f-87ec-9045bb109b43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41011", "type": "seen", "source": "https://t.me/cvedetector/1142", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41011 - AMD KFD GPU MMIO Information Leak\", \n \"Content\": \"CVE ID : CVE-2024-41011 \nPublished : July 18, 2024, 7:15 a.m. | 45\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/amdkfd: don't allow mapping the MMIO HDP page with large pages \n \nWe don't get the right offset in that case. The GPU has \nan unused 4K area of the register BAR space into which you can \nremap registers. We remap the HDP flush registers into this \nspace to allow userspace (CPU or GPU) to flush the HDP when it \nupdates VRAM. However, on systems with >4K pages, we end up \nexposing PAGE_SIZE of MMIO space. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"18 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T10:06:36.000000Z"}, {"uuid": "be4c9c57-724c-4d77-ae04-a227792a9f3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41013", "type": "seen", "source": "https://t.me/cvedetector/1824", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41013 - XFS Out-of-Bounds Read Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-41013 \nPublished : July 29, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nxfs: don't walk off the end of a directory data block \n \nThis adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry \nto make sure don't stray beyond valid memory region. Before patching, the \nloop simply checks that the start offset of the dup and dep is within the \nrange. So in a crafted image, if last entry is xfs_dir2_data_unused, we \ncan change dup->length to dup->length-1 and leave 1 byte of space. In the \nnext traversal, this space will be considered as dup or dep. We may \nencounter an out of bound read when accessing the fixed members. \n \nIn the patch, we make sure that the remaining bytes large enough to hold \nan unused entry before accessing xfs_dir2_data_unused and \nxfs_dir2_data_unused is XFS_DIR2_DATA_ALIGN byte aligned. We also make \nsure that the remaining bytes large enough to hold a dirent with a \nsingle-byte name before accessing xfs_dir2_data_entry. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T09:36:16.000000Z"}, {"uuid": "d9082ee8-8ddd-4cc5-91ba-e7044c42049e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41018", "type": "seen", "source": "https://t.me/cvedetector/1822", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41018 - \"Linux Kernel NTFS3 Attr Name Out-of-Bounds Access Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-41018 \nPublished : July 29, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nfs/ntfs3: Add a check for attr_names and oatbl \n \nAdded out-of-bound checking for *ane (ATTR_NAME_ENTRY). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T09:36:15.000000Z"}, {"uuid": "ce634def-b4a6-4d1a-a02e-1b1e471985d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41017", "type": "seen", "source": "https://t.me/cvedetector/1821", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41017 - Linux Kernel JFS Ea List Corruption (Unexpected Pointer Reference)\", \n \"Content\": \"CVE ID : CVE-2024-41017 \nPublished : July 29, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \njfs: don't walk off the end of ealist \n \nAdd a check before visiting the members of ea to \nmake sure each ea stays within the ealist. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T09:36:14.000000Z"}, {"uuid": "7217f361-908d-4286-b65f-655533e8b0c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41010", "type": "seen", "source": "https://t.me/cvedetector/1058", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41010 - \"BPF Linux Kernel tcx_entry Use-After-Free Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-41010 \nPublished : July 17, 2024, 7:15 a.m. | 29\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbpf: Fix too early release of tcx_entry \n \nPedro Pinto and later independently also Hyunwoo Kim and Wongi Lee reported \nan issue that the tcx_entry can be released too early leading to a use \nafter free (UAF) when an active old-style ingress or clsact qdisc with a \nshared tc block is later replaced by another ingress or clsact instance. \n \nEssentially, the sequence to trigger the UAF (one example) can be as follows: \n \n 1. A network namespace is created \n 2. An ingress qdisc is created. This allocates a tcx_entry, and \n &tcx_entry->miniq is stored in the qdisc's miniqp->p_miniq. At the \n same time, a tcf block with index 1 is created. \n 3. chain0 is attached to the tcf block. chain0 must be connected to \n the block linked to the ingress qdisc to later reach the function \n tcf_chain0_head_change_cb_del() which triggers the UAF. \n 4. Create and graft a clsact qdisc. This causes the ingress qdisc \n created in step 1 to be removed, thus freeing the previously linked \n tcx_entry: \n \n rtnetlink_rcv_msg() \n => tc_modify_qdisc() \n => qdisc_create() \n => clsact_init() [a] \n => qdisc_graft() \n => qdisc_destroy() \n => __qdisc_destroy() \n => ingress_destroy() [b] \n => tcx_entry_free() \n => kfree_rcu() // tcx_entry freed \n \n 5. Finally, the network namespace is closed. This registers the \n cleanup_net worker, and during the process of releasing the \n remaining clsact qdisc, it accesses the tcx_entry that was \n already freed in step 4, causing the UAF to occur: \n \n cleanup_net() \n => ops_exit_list() \n => default_device_exit_batch() \n => unregister_netdevice_many() \n => unregister_netdevice_many_notify() \n => dev_shutdown() \n => qdisc_put() \n => clsact_destroy() [c] \n => tcf_block_put_ext() \n => tcf_chain0_head_change_cb_del() \n => tcf_chain_head_change_item() \n => clsact_chain_head_change() \n => mini_qdisc_pair_swap() // UAF \n \nThere are also other variants, the gist is to add an ingress (or clsact) \nqdisc with a specific shared block, then to replace that qdisc, waiting \nfor the tcx_entry kfree_rcu() to be executed and subsequently accessing \nthe current active qdisc's miniq one way or another. \n \nThe correct fix is to turn the miniq_active boolean into a counter. What \ncan be observed, at step 2 above, the counter transitions from 0->1, at \nstep [a] from 1->2 (in order for the miniq object to remain active during \nthe replacement), then in [b] from 2->1 and finally [c] 1->0 with the \neventual release. The reference counter in general ranges from [0,2] and \nit does not need to be atomic since all access to the counter is protected \nby the rtnl mutex. With this in place, there is no longer a UAF happening \nand the tcx_entry is freed at the correct time. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T09:51:32.000000Z"}, {"uuid": "f591bd0c-ce45-4a32-80a6-4581dc76b84a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41015", "type": "seen", "source": "https://t.me/cvedetector/1820", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41015 - SUSE Linux ocfs2 Out-of-Bounds Write Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-41015 \nPublished : July 29, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nocfs2: add bounds checking to ocfs2_check_dir_entry() \n \nThis adds sanity checks for ocfs2_dir_entry to make sure all members of \nocfs2_dir_entry don't stray beyond valid memory region. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T09:36:13.000000Z"}, {"uuid": "34db5cb3-a5f6-47a2-b1b8-3fb75f49e69b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41019", "type": "seen", "source": "https://t.me/cvedetector/1819", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-41019 - Linux kernel NTFS3 Out-of-Bounds Read Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-41019 \nPublished : July 29, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nfs/ntfs3: Validate ff offset \n \nThis adds sanity checks for ff offset. There is a check \non rt->first_free at first, but walking through by ff \nwithout any check. If the second ff is a large offset. \nWe may encounter an out-of-bound read. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T09:36:09.000000Z"}, {"uuid": "5acd2b00-c2d0-49c5-871a-ddc25edfb83c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41014", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}]}