{"vulnerability": "cve-2024-5028", "sightings": [{"uuid": "a1f4301f-f2c6-4b56-8686-5d7c1b2dfb92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50287", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507420054479466", "content": "", "creation_timestamp": "2024-11-19T03:09:40.194614Z"}, {"uuid": "0cf6f6ea-e8f3-46a9-b594-de4a122b774e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50289", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507420081493811", "content": "", "creation_timestamp": "2024-11-19T03:09:41.525488Z"}, {"uuid": "c1b13807-fe14-477c-ad29-4eb321e892a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50280", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507301983406124", "content": "", "creation_timestamp": "2024-11-19T02:39:38.575704Z"}, {"uuid": "ff024b39-8cba-40a7-8018-125af1855fc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50283", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507361015021447", "content": "", "creation_timestamp": "2024-11-19T02:54:39.208515Z"}, {"uuid": "85567105-97c5-4f35-a3b2-57af99b1a52d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50284", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507361028590322", "content": "", "creation_timestamp": "2024-11-19T02:54:39.474592Z"}, {"uuid": "7cd5a666-83ba-4965-aa05-c66eb7cb7796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50285", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507361042608863", "content": "", "creation_timestamp": "2024-11-19T02:54:40.003450Z"}, {"uuid": "dbe38145-22c2-40bf-911e-853bb4a51272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50281", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507301997744542", "content": "", "creation_timestamp": "2024-11-19T02:39:39.073131Z"}, {"uuid": "afb1e4fd-fec7-4329-982e-d3eb411ae5a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50282", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507302011867803", "content": "", "creation_timestamp": "2024-11-19T02:39:39.369566Z"}, {"uuid": "c3c8d10a-1219-41eb-b963-acd824a8ce27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50288", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507420067795408", "content": "", "creation_timestamp": "2024-11-19T03:09:40.526373Z"}, {"uuid": "e5911124-6b34-4ea0-9bae-069db7720ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50286", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507361056435522", "content": "", "creation_timestamp": "2024-11-19T02:54:39.959529Z"}, {"uuid": "a6528e59-481d-45cd-9157-d86f93ba4db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50285", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1726/", "content": "", "creation_timestamp": "2024-12-20T05:00:00.000000Z"}, {"uuid": "369464e9-e02c-4260-9c6c-eea0d1bb8475", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50282", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "088bb149-f8b0-4f70-929e-f03c3aa01f26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50285", "type": "seen", "source": "https://gist.github.com/Darkcrai86/45d158611b4db1aace5cbd8bd2963b4d", "content": "", "creation_timestamp": "2025-09-02T09:21:42.000000Z"}, {"uuid": "2d659d8e-5be4-4273-9a65-e72f7ae476ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50287", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "0c419c63-f3cd-4632-86bf-db7dbe3a4dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-50289", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "4306ea8a-c8b8-4791-afd0-3f7baf4f627e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-50280", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "a25936f4-5127-44b5-b6f5-0a6dcb1ea46d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-50282", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "66ae4232-4c77-4178-93d1-9542b84fbf09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50281", "type": "seen", "source": "https://t.me/cvedetector/11432", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50281 - \"Linux kernel KEYS Trusted NULL Pointer Dereference Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-50281 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nKEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation  \n  \nWhen sealing or unsealing a key blob we currently do not wait for  \nthe AEAD cipher operation to finish and simply return after submitting  \nthe request. If there is some load on the system we can exit before  \nthe cipher operation is done and the buffer we read from/write to  \nis already removed from the stack. This will e.g. result in NULL  \npointer dereference errors in the DCP driver during blob creation.  \n  \nFix this by waiting for the AEAD cipher operation to finish before  \nresuming the seal and unseal calls. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:13.000000Z"}, {"uuid": "6e896508-8629-4ea7-90c3-4da309e2b4b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50289", "type": "seen", "source": "https://t.me/cvedetector/11417", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50289 - Av7110 Spectre Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-50289 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nmedia: av7110: fix a spectre vulnerability  \n  \nAs warned by smatch:  \n drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap)  \n  \nThere is a spectre-related vulnerability at the code. Fix it. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:15:53.000000Z"}, {"uuid": "8cc97850-6983-479c-961d-4016fcca678b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50284", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "da5d3ef7-7576-4172-bc27-f1283341111c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50285", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "7ee42929-4640-4f93-b87d-0a7ccfaff419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50286", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "0da390df-f724-40d6-bf6b-67e1beab7cb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50289", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "1465a85c-a6d7-4536-8213-6d2b9b8de87c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50283", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11678", "content": "#Kernel_Security\n1. Ksmbd vulnerability research\n(CVE-2024-50283, CVE-2024-50285, CVE-2024-50286)\nhttps://blog.doyensec.com/2025/01/07/ksmbd-1.html\n2. Memory-related CVEs Exploited in kernelCTF (CVE-2023-3269, CVE-2024-50066)\nhttps://u1f383.github.io/linux/2025/01/12/memory-related-cves-exploited-in-kernelctf.html", "creation_timestamp": "2025-01-14T16:21:53.000000Z"}, {"uuid": "e881b2d9-da68-45a5-984d-459e04b74e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50288", "type": "seen", "source": "https://t.me/cvedetector/11426", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50288 - Linux Kernel Media Vivid Buffer Overwrite Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50288 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nmedia: vivid: fix buffer overwrite when using > 32 buffers  \n  \nThe maximum number of buffers that can be requested was increased to  \n64 for the video capture queue. But video capture used a must_blank  \narray that was still sized for 32 (VIDEO_MAX_FRAME). This caused an  \nout-of-bounds write when using buffer indices >= 32.  \n  \nCreate a new define MAX_VID_CAP_BUFFERS that is used to access the  \nmust_blank array and set max_num_buffers for the video capture queue.  \n  \nThis solves a crash reported by:  \n  \n  \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:06.000000Z"}, {"uuid": "bd9db1e1-c3d0-4076-9f24-cc090b3841c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50282", "type": "seen", "source": "https://t.me/cvedetector/11431", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50282 - \"AMD GPU Buffer Overflow\"\", \n  \"Content\": \"CVE ID : CVE-2024-50282 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ndrm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()  \n  \nAvoid a possible buffer overflow if size is larger than 4K.  \n  \n(cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:12.000000Z"}, {"uuid": "f4adaabd-49fc-441d-87ce-ad03faa4e328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50280", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/11429", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50280 - Linux dm Cache Delayed Work Cancelling Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50280 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ndm cache: fix flushing uninitialized delayed_work on cache_ctr error  \n  \nAn unexpected WARN_ON from flush_work() may occur when cache creation  \nfails, caused by destroying the uninitialized delayed_work waker in the  \nerror path of cache_create(). For example, the warning appears on the  \nsuperblock checksum error.  \n  \nReproduce steps:  \n  \ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"  \ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"  \ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"  \ndd if=/dev/urandom of=/dev/mapper/cmeta bs=4k count=1 oflag=direct  \ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\  \n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"  \n  \nKernel logs:  \n  \n(snip)  \nWARNING: CPU: 0 PID: 84 at kernel/workqueue.c:4178 __flush_work+0x5d4/0x890  \n  \nFix by pulling out the cancel_delayed_work_sync() from the constructor's  \nerror path. This patch doesn't affect the use-after-free fix for  \nconcurrent dm_resume and dm_destroy (commit 6a459d8edbdb (\"dm cache: Fix  \nUAF in destroy()\")) as cache_dtr is not changed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:11.000000Z"}, {"uuid": "8dadf001-2af9-48b5-9544-cb0680a3cf3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50285", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11678", "content": "#Kernel_Security\n1. Ksmbd vulnerability research\n(CVE-2024-50283, CVE-2024-50285, CVE-2024-50286)\nhttps://blog.doyensec.com/2025/01/07/ksmbd-1.html\n2. Memory-related CVEs Exploited in kernelCTF (CVE-2023-3269, CVE-2024-50066)\nhttps://u1f383.github.io/linux/2025/01/12/memory-related-cves-exploited-in-kernelctf.html", "creation_timestamp": "2025-01-14T16:21:53.000000Z"}, {"uuid": "312b1000-3d0c-454d-a319-0de4176a2bb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50286", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11678", "content": "#Kernel_Security\n1. Ksmbd vulnerability research\n(CVE-2024-50283, CVE-2024-50285, CVE-2024-50286)\nhttps://blog.doyensec.com/2025/01/07/ksmbd-1.html\n2. Memory-related CVEs Exploited in kernelCTF (CVE-2023-3269, CVE-2024-50066)\nhttps://u1f383.github.io/linux/2025/01/12/memory-related-cves-exploited-in-kernelctf.html", "creation_timestamp": "2025-01-14T16:21:53.000000Z"}]}