{"vulnerability": "cve-2024-4496", "sightings": [{"uuid": "ee1bb83d-3067-4762-a571-9d30e372c0cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44960", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "26cf8daf-74fa-45a9-a89e-dcb880e93f61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44965", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "62d0f691-9fb0-4fa8-af78-6be45b6a4c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44969", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "097ae0a5-382e-41b5-aaba-5d2ce8adb75b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-44963", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "4bd04dac-dac6-4e0a-bc58-62fd55925d35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-44962", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "b77b25e2-35cd-421c-a475-dc66cd07e81c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-44961", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "38c97144-a1fb-4089-bf51-4b078dc677a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44969", "type": "seen", "source": "https://t.me/cvedetector/4830", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44969 - IBM s390 Linux Kernel Buffer Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-44969 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ns390/sclp: Prevent release of buffer in I/O \n \nWhen a task waiting for completion of a Store Data operation is \ninterrupted, an attempt is made to halt this operation. If this attempt \nfails due to a hardware or firmware problem, there is a chance that the \nSCLP facility might store data into buffers referenced by the original \noperation at a later time. \n \nHandle this situation by not releasing the referenced data buffers if \nthe halt attempt fails. For current use cases, this might result in a \nleak of few pages of memory in case of a rare hardware/firmware \nmalfunction. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:56:05.000000Z"}, {"uuid": "650f9da1-40a2-429c-9a5b-03a2de6df926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-44963", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "88210a62-9b6e-4a63-a3ae-d519af553572", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44962", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16985", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44962\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading\n\nWhen unload the btnxpuart driver, its associated timer will be deleted.\nIf the timer happens to be modified at this moment, it leads to the\nkernel call this timer even after the driver unloaded, resulting in\nkernel panic.\nUse timer_shutdown_sync() instead of del_timer_sync() to prevent rearming.\n\npanic log:\n Internal error: Oops: 0000000086000007 [#1] PREEMPT SMP\n Modules linked in: algif_hash algif_skcipher af_alg moal(O) mlan(O) crct10dif_ce polyval_ce polyval_generic snd_soc_imx_card snd_soc_fsl_asoc_card snd_soc_imx_audmux mxc_jpeg_encdec v4l2_jpeg snd_soc_wm8962 snd_soc_fsl_micfil snd_soc_fsl_sai flexcan snd_soc_fsl_utils ap130x rpmsg_ctrl imx_pcm_dma can_dev rpmsg_char pwm_fan fuse [last unloaded: btnxpuart]\n CPU: 5 PID: 723 Comm: memtester Tainted: G O 6.6.23-lts-next-06207-g4aef2658ac28 #1\n Hardware name: NXP i.MX95 19X19 board (DT)\n pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0xffff80007a2cf464\n lr : call_timer_fn.isra.0+0x24/0x80\n...\n Call trace:\n 0xffff80007a2cf464\n __run_timers+0x234/0x280\n run_timer_softirq+0x20/0x40\n __do_softirq+0x100/0x26c\n ____do_softirq+0x10/0x1c\n call_on_irq_stack+0x24/0x4c\n do_softirq_own_stack+0x1c/0x2c\n irq_exit_rcu+0xc0/0xdc\n el0_interrupt+0x54/0xd8\n __el0_irq_handler_common+0x18/0x24\n el0t_64_irq_handler+0x10/0x1c\n el0t_64_irq+0x190/0x194\n Code: ???????? ???????? ???????? ???????? (????????)\n ---[ end trace 0000000000000000 ]---\n Kernel panic - not syncing: Oops: Fatal exception in interrupt\n SMP: stopping secondary CPUs\n Kernel Offset: disabled\n CPU features: 0x0,c0000000,40028143,1000721b\n Memory Limit: none\n ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\ud83d\udccf Published: 2024-09-04T18:35:59.990Z\n\ud83d\udccf Modified: 2025-05-20T14:27:38.644Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/4d9adcb94d55e9be8a3e464d9f2ff7d27e2ed016\n2. https://git.kernel.org/stable/c/28bbb5011a9723700006da67bdb57ab6a914452b\n3. https://git.kernel.org/stable/c/0d0df1e750bac0fdaa77940e711c1625cff08d33", "creation_timestamp": "2025-05-20T14:40:45.000000Z"}, {"uuid": "8217826c-87f1-4b50-8ffd-3d2b2e97a649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44965", "type": "seen", "source": "https://t.me/cvedetector/4846", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44965 - \"Linux x86 PMD Alignment Assumption Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-44965 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nx86/mm: Fix pti_clone_pgtable() alignment assumption \n \nGuenter reported dodgy crashes on an i386-nosmp build using GCC-11 \nthat had the form of endless traps until entry stack exhaust and then \n#DF from the stack guard. \n \nIt turned out that pti_clone_pgtable() had alignment assumptions on \nthe start address, notably it hard assumes start is PMD aligned. This \nis true on x86_64, but very much not true on i386. \n \nThese assumptions can cause the end condition to malfunction, leading \nto a 'short' clone. Guess what happens when the user mapping has a \nshort copy of the entry text? \n \nUse the correct increment form for addr to avoid alignment \nassumptions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:56:26.000000Z"}, {"uuid": "3076f6b0-f753-42a8-964f-d7be87c29eb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44960", "type": "seen", "source": "https://t.me/cvedetector/4840", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44960 - Linux Kernel USB Gadget Descriptor Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-44960 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nusb: gadget: core: Check for unset descriptor \n \nMake sure the descriptor has been set before looking at maxpacket. \nThis fixes a null pointer panic in this case. \n \nThis may happen if the gadget doesn't properly set up the endpoint \nfor the current speed, or the gadget descriptors are malformed and \nthe descriptor for the speed/endpoint are not found. \n \nNo current gadget driver is known to have this problem, but this \nmay cause a hard-to-find bug during development of new gadgets. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:56:18.000000Z"}, {"uuid": "89556c4a-85bf-4f89-a5a5-bf3d219b9ff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44963", "type": "seen", "source": "https://t.me/cvedetector/4850", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44963 - \"Btrfs Memory Leak BUG Abuse Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-44963 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbtrfs: do not BUG_ON() when freeing tree block after error \n \nWhen freeing a tree block, at btrfs_free_tree_block(), if we fail to \ncreate a delayed reference we don't deal with the error and just do a \nBUG_ON(). The error most likely to happen is -ENOMEM, and we have a \ncomment mentioning that only -ENOMEM can happen, but that is not true, \nbecause in case qgroups are enabled any error returned from \nbtrfs_qgroup_trace_extent_post() (can be -EUCLEAN or anything returned \nfrom btrfs_search_slot() for example) can be propagated back to \nbtrfs_free_tree_block(). \n \nSo stop doing a BUG_ON() and return the error to the callers and make \nthem abort the transaction to prevent leaking space. Syzbot was \ntriggering this, likely due to memory allocation failure injection. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:57:06.000000Z"}, {"uuid": "4a6da508-965e-44ef-a0a0-3593e1c416a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44964", "type": "seen", "source": "https://t.me/cvedetector/4848", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44964 - Linux idpf Buffer Overflow\", \n \"Content\": \"CVE ID : CVE-2024-44964 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nidpf: fix memory leaks and crashes while performing a soft reset \n \nThe second tagged commit introduced a UAF, as it removed restoring \nq_vector->vport pointers after reinitializating the structures. \nThis is due to that all queue allocation functions are performed here \nwith the new temporary vport structure and those functions rewrite \nthe backpointers to the vport. Then, this new struct is freed and \nthe pointers start leading to nowhere. \n \nBut generally speaking, the current logic is very fragile. It claims \nto be more reliable when the system is low on memory, but in fact, it \nconsumes two times more memory as at the moment of running this \nfunction, there are two vports allocated with their queues and vectors. \nMoreover, it claims to prevent the driver from running into \"bad state\", \nbut in fact, any error during the rebuild leaves the old vport in the \npartially allocated state. \nFinally, if the interface is down when the function is called, it always \nallocates a new queue set, but when the user decides to enable the \ninterface later on, vport_open() allocates them once again, IOW there's \na clear memory leak here. \n \nJust don't allocate a new queue set when performing a reset, that solves \ncrashes and memory leaks. Readd the old queue number and reopen the \ninterface on rollback - that solves limbo states when the device is left \ndisabled and/or without HW queues enabled. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:56:28.000000Z"}, {"uuid": "312b522d-638d-4e2e-97eb-dc1611cc3607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44966", "type": "seen", "source": "https://t.me/cvedetector/4836", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44966 - Linux kernel RISC-V Flat Binder Data Corruption Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-44966 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbinfmt_flat: Fix corruption when not offsetting data start \n \nCommit 04d82a6d0881 (\"binfmt_flat: allow not offsetting data start\") \nintroduced a RISC-V specific variant of the FLAT format which does \nnot allocate any space for the (obsolete) array of shared library \npointers. However, it did not disable the code which initializes the \narray, resulting in the corruption of sizeof(long) bytes before the DATA \nsegment, generally the end of the TEXT segment. \n \nIntroduce MAX_SHARED_LIBS_UPDATE which depends on the state of \nCONFIG_BINFMT_FLAT_NO_DATA_START_OFFSET to guard the initialization of \nthe shared library pointer region so that it will only be initialized \nif space is reserved for it. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:56:11.000000Z"}, {"uuid": "165a442f-881e-4d9f-8834-6aaef0f86c3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44968", "type": "seen", "source": "https://t.me/cvedetector/4835", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44968 - Linux Kernel CPU Pointer Access Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-44968 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntick/broadcast: Move per CPU pointer access into the atomic section \n \nThe recent fix for making the take over of the broadcast timer more \nreliable retrieves a per CPU pointer in preemptible context. \n \nThis went unnoticed as compilers hoist the access into the non-preemptible \nregion where the pointer is actually used. But of course it's valid that \nthe compiler keeps it at the place where the code puts it which rightfully \ntriggers: \n \n BUG: using smp_processor_id() in preemptible [00000000] code: \n caller is hotplug_cpu__broadcast_tick_pull+0x1c/0xc0 \n \nMove it to the actual usage site which is in a non-preemptible region. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:56:10.000000Z"}, {"uuid": "ddd8a540-4afc-472b-8f25-e352f8767bb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44967", "type": "seen", "source": "https://t.me/cvedetector/4829", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44967 - MGA G200 DRM Improper Resource Deallocation\", \n \"Content\": \"CVE ID : CVE-2024-44967 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/mgag200: Bind I2C lifetime to DRM device \n \nManaged cleanup with devm_add_action_or_reset() will release the I2C \nadapter when the underlying Linux device goes away. But the connector \nstill refers to it, so this cleanup leaves behind a stale pointer \nin struct drm_connector.ddc. \n \nBind the lifetime of the I2C adapter to the connector's lifetime by \nusing DRM's managed release. When the DRM device goes away (after \nthe Linux device) DRM will first clean up the connector and then \nclean up the I2C adapter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T21:56:04.000000Z"}]}