{"vulnerability": "cve-2024-5029", "sightings": [{"uuid": "c044adcc-d950-4e28-8703-2509e5ccd353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50291", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113510811046461147", "content": "", "creation_timestamp": "2024-11-19T17:32:02.474367Z"}, {"uuid": "cb387013-3469-4c20-8dc6-3bb0fcc257fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50295", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507538134918582", "content": "", "creation_timestamp": "2024-11-19T03:39:42.040185Z"}, {"uuid": "c7ac601e-30f6-4728-abb6-290b657902a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50291", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507479093043642", "content": "", "creation_timestamp": "2024-11-19T03:24:41.810331Z"}, {"uuid": "69e17ede-c0ae-44be-8a84-bca4e9306f0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5029", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113519440534872706", "content": "", "creation_timestamp": "2024-11-21T06:06:39.152515Z"}, {"uuid": "73413459-e3eb-4d5b-ab30-6a5d4cb98be5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50296", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507538148924735", "content": "", "creation_timestamp": "2024-11-19T03:39:42.474806Z"}, {"uuid": "882b8526-7bef-4f21-9ec4-c53b5e3c9271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50293", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507479122841724", "content": "", "creation_timestamp": "2024-11-19T03:24:42.581703Z"}, {"uuid": "0927a4fd-575b-4653-b338-e920840cda16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50294", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507479136113359", "content": "", "creation_timestamp": "2024-11-19T03:24:42.704238Z"}, {"uuid": "3b61a3a4-e8f9-420c-9496-efb637ec997f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50292", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507479108369390", "content": "", "creation_timestamp": "2024-11-19T03:24:42.343477Z"}, {"uuid": "7a52532e-7e59-4b7b-944d-241e3ab1c98d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507538177346077", "content": "", "creation_timestamp": "2024-11-19T03:39:42.741032Z"}, {"uuid": "7904dee0-aad7-41cf-835a-fde05724deb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50297", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507538163346882", "content": "", "creation_timestamp": "2024-11-19T03:39:42.788946Z"}, {"uuid": "557ca030-1ca6-4a23-9330-8590e98d2b36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50299", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507597179390061", "content": "", "creation_timestamp": "2024-11-19T03:54:42.889975Z"}, {"uuid": "e561567f-35e4-41c7-9e75-d881945d41c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50290", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507420094878449", "content": "", "creation_timestamp": "2024-11-19T03:09:40.850667Z"}, {"uuid": "66974328-fcaa-45ec-a745-3e0c96da0bc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50299", "type": "seen", "source": "https://gist.github.com/Darkcrai86/57f9876ef067b4bbbbd8ac6adee0f23d", "content": "", "creation_timestamp": "2025-11-17T14:21:49.000000Z"}, {"uuid": "55603275-1794-42d1-bb3a-6854efba9803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260506", "content": "", "creation_timestamp": "2026-05-05T20:00:00.000000Z"}, {"uuid": "5dc4aef3-f760-4202-8547-20f2fd0b7db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50296", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "9b116505-504a-4b45-8027-034b84d6acbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50290", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "8c5c9fe4-4f18-424a-95f7-33d16369e881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50295", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "e05ea087-4200-4ab5-a93f-a24361659c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50292", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "0fc9ea4e-fc2d-4a4b-a87d-3ede590c6783", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50299", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "6813061c-7bb5-466c-b02d-7a1189df73cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "ecf092d1-2d7d-40e7-9d02-293f571f61ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "a553a9bc-47de-464a-b403-847636e63b96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50290", "type": "seen", "source": "https://t.me/cvedetector/11427", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50290 - \"Cirrus Logic cx24116 Underflow Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-50290 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmedia: cx24116: prevent overflows on SNR calculus \n \nas reported by Coverity, if reading SNR registers fail, a negative \nnumber will be returned, causing an underflow when reading SNR \nregisters. \n \nPrevent that. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:06.000000Z"}, {"uuid": "ed1cccb3-5017-456f-a7ea-65466b883eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50293", "type": "seen", "source": "https://t.me/cvedetector/11420", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50293 - Oracle Linux Linux Kernel SMC Dangling Sk Pointer Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50293 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet/smc: do not leave a dangling sk pointer in __smc_create() \n \nThanks to commit 4bbd360a5084 (\"socket: Print pf->create() when \nit does not clear sock->sk on failure.\"), syzbot found an issue with AF_SMC: \n \nsmc_create must clear sock->sk on failure, family: 43, type: 1, protocol: 0 \n WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563 \nModules linked in: \nCPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0 \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 \n RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563 \nCode: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 <0f0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7 \nRSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246 \nRAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00 \nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 \nRBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50 \nR10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8 \nR13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0 \nFS: 000055557b518380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 \nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \nCR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 00000000003526f0 \nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 \nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 \nCall Trace: \n \n sock_create net/socket.c:1616 [inline] \n __sys_socket_create net/socket.c:1653 [inline] \n __sys_socket+0x150/0x3c0 net/socket.c:1700 \n __do_sys_socket net/socket.c:1714 [inline] \n __se_sys_socket net/socket.c:1712 [inline] \n \nFor reference, see commit 2d859aff775d (\"Merge branch \n'do-not-leave-dangling-sk-pointers-in-pf-create-functions'\") \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:15:58.000000Z"}, {"uuid": "6ae8953f-f8a6-4d89-b8b2-8b08457f59ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50292", "type": "seen", "source": "https://t.me/cvedetector/11419", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50292 - \"STM32 ASoC DMA Channel Release Null Pointer Dereference Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-50292 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove \n \nIn case of error when requesting ctrl_chan DMA channel, ctrl_chan is not \nnull. So the release of the dma channel leads to the following issue: \n[ 4.879000] st,stm32-spdifrx 500d0000.audio-controller: \ndma_request_slave_channel error -19 \n[ 4.888975] Unable to handle kernel NULL pointer dereference \nat virtual address 000000000000003d \n[...] \n[ 5.096577] Call trace: \n[ 5.099099] dma_release_channel+0x24/0x100 \n[ 5.103235] stm32_spdifrx_remove+0x24/0x60 [snd_soc_stm32_spdifrx] \n[ 5.109494] stm32_spdifrx_probe+0x320/0x4c4 [snd_soc_stm32_spdifrx] \n \nTo avoid this issue, release channel only if the pointer is valid. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:15:58.000000Z"}, {"uuid": "c2c3c027-9eb6-4bba-b5d4-0133d8ed6284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50291", "type": "seen", "source": "https://t.me/cvedetector/11418", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50291 - \"Linux kernel DVB Buffer Index Check\"\", \n \"Content\": \"CVE ID : CVE-2024-50291 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmedia: dvb-core: add missing buffer index check \n \ndvb_vb2_expbuf() didn't check if the given buffer index was \nfor a valid buffer. Add this check. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:15:57.000000Z"}, {"uuid": "bb4fc5f2-ce1d-4c38-babf-5b411abb861e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50298", "type": "seen", "source": "https://t.me/cvedetector/11425", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50298 - \"Enetc NULL Pointer Dereference Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-50298 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: enetc: allocate vf_state during PF probes \n \nIn the previous implementation, vf_state is allocated memory only when VF \nis enabled. However, net_device_ops::ndo_set_vf_mac() may be called before \nVF is enabled to configure the MAC address of VF. If this is the case, \nenetc_pf_set_vf_mac() will access vf_state, resulting in access to a null \npointer. The simplified error log is as follows. \n \nroot@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89 \n[ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 \n[ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy \n[ 173.641973] lr : do_setlink+0x4a8/0xec8 \n[ 173.732292] Call trace: \n[ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80 \n[ 173.738847] __rtnl_newlink+0x530/0x89c \n[ 173.742692] rtnl_newlink+0x50/0x7c \n[ 173.746189] rtnetlink_rcv_msg+0x128/0x390 \n[ 173.750298] netlink_rcv_skb+0x60/0x130 \n[ 173.754145] rtnetlink_rcv+0x18/0x24 \n[ 173.757731] netlink_unicast+0x318/0x380 \n[ 173.761665] netlink_sendmsg+0x17c/0x3c8 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:05.000000Z"}, {"uuid": "01af0f05-18ae-4a55-a989-5fd6bba34db0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50297", "type": "seen", "source": "https://t.me/cvedetector/11424", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50297 - Xilinx AXIENet DMAEngine Queue DQL Enqueue Crash Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50297 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: xilinx: axienet: Enqueue Tx packets in dql before dmaengine starts \n \nEnqueue packets in dql after dma engine starts causes race condition. \nTx transfer starts once dma engine is started and may execute dql dequeue \nin completion before it gets queued. It results in following kernel crash \nwhile running iperf stress test: \n \nkernel BUG at lib/dynamic_queue_limits.c:99! \n \nInternal error: Oops - BUG: 00000000f2000800 [#1] SMP \npc : dql_completed+0x238/0x248 \nlr : dql_completed+0x3c/0x248 \n \nCall trace: \n dql_completed+0x238/0x248 \n axienet_dma_tx_cb+0xa0/0x170 \n xilinx_dma_do_tasklet+0xdc/0x290 \n tasklet_action_common+0xf8/0x11c \n tasklet_action+0x30/0x3c \n handle_softirqs+0xf8/0x230 \n \n \nStart dmaengine after enqueue in dql fixes the crash. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:04.000000Z"}, {"uuid": "8ed59f54-f379-4903-800d-d6f9eb9bc4d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50296", "type": "seen", "source": "https://t.me/cvedetector/11423", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50296 - HuaWei Net-Series: Kernel Crash Due to Simultaneous Driver Uninstallation and VF Disabling\", \n \"Content\": \"CVE ID : CVE-2024-50296 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: hns3: fix kernel crash when uninstalling driver \n \nWhen the driver is uninstalled and the VF is disabled concurrently, a \nkernel crash occurs. The reason is that the two actions call function \npci_disable_sriov(). The num_VFs is checked to determine whether to \nrelease the corresponding resources. During the second calling, num_VFs \nis not 0 and the resource release function is called. However, the \ncorresponding resource has been released during the first invoking. \nTherefore, the problem occurs: \n \n[15277.839633][T50670] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 \n... \n[15278.131557][T50670] Call trace: \n[15278.134686][T50670] klist_put+0x28/0x12c \n[15278.138682][T50670] klist_del+0x14/0x20 \n[15278.142592][T50670] device_del+0xbc/0x3c0 \n[15278.146676][T50670] pci_remove_bus_device+0x84/0x120 \n[15278.151714][T50670] pci_stop_and_remove_bus_device+0x6c/0x80 \n[15278.157447][T50670] pci_iov_remove_virtfn+0xb4/0x12c \n[15278.162485][T50670] sriov_disable+0x50/0x11c \n[15278.166829][T50670] pci_disable_sriov+0x24/0x30 \n[15278.171433][T50670] hnae3_unregister_ae_algo_prepare+0x60/0x90 [hnae3] \n[15278.178039][T50670] hclge_exit+0x28/0xd0 [hclge] \n[15278.182730][T50670] __se_sys_delete_module.isra.0+0x164/0x230 \n[15278.188550][T50670] __arm64_sys_delete_module+0x1c/0x30 \n[15278.193848][T50670] invoke_syscall+0x50/0x11c \n[15278.198278][T50670] el0_svc_common.constprop.0+0x158/0x164 \n[15278.203837][T50670] do_el0_svc+0x34/0xcc \n[15278.207834][T50670] el0_svc+0x20/0x30 \n \nFor details, see the following figure. \n \n rmmod hclge disable VFs \n---------------------------------------------------- \nhclge_exit() sriov_numvfs_store() \n ... device_lock() \n pci_disable_sriov() hns3_pci_sriov_configure() \n pci_disable_sriov() \n sriov_disable() \n sriov_disable() if !num_VFs : \n if !num_VFs : return; \n return; sriov_del_vfs() \n sriov_del_vfs() ... \n ... klist_put() \n klist_put() ... \n ... num_VFs = 0; \n num_VFs = 0; device_unlock(); \n \nIn this patch, when driver is removing, we get the device_lock() \nto protect num_VFs, just like sriov_numvfs_store(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:04.000000Z"}, {"uuid": "91c0f9a9-1a55-47de-9c0d-c98a82cd883a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50295", "type": "seen", "source": "https://t.me/cvedetector/11422", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50295 - Linux Kernel Arc Driver DMA Corruption Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50295 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: arc: fix the device for dma_map_single/dma_unmap_single \n \nThe ndev->dev and pdev->dev aren't the same device, use ndev->dev.parent \nwhich has dma_mask, ndev->dev.parent is just pdev->dev. \nOr it would cause the following issue: \n \n[ 39.933526] ------------[ cut here ]------------ \n[ 39.938414] WARNING: CPU: 1 PID: 501 at kernel/dma/mapping.c:149 dma_map_page_attrs+0x90/0x1f8 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:00.000000Z"}, {"uuid": "523646cd-21b9-4182-9baa-3fc6184e6c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50294", "type": "seen", "source": "https://t.me/cvedetector/11421", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50294 - \"Apache rxrpc Missing Locking Hang Issue\"\", \n \"Content\": \"CVE ID : CVE-2024-50294 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nrxrpc: Fix missing locking causing hanging calls \n \nIf a call gets aborted (e.g. because kafs saw a signal) between it being \nqueued for connection and the I/O thread picking up the call, the abort \nwill be prioritised over the connection and it will be removed from \nlocal->new_client_calls by rxrpc_disconnect_client_call() without a lock \nbeing held. This may cause other calls on the list to disappear if a race \noccurs. \n \nFix this by taking the client_call_lock when removing a call from whatever \nlist its ->wait_link happens to be on. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:15:59.000000Z"}, {"uuid": "9de43fbc-2a97-4f5b-ab93-e3ae8cc2036c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50299", "type": "seen", "source": "https://t.me/cvedetector/11413", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50299 - Vulnerability Title: Linux SCTP unchecked chunk size vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-50299 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nsctp: properly validate chunk size in sctp_sf_ootb() \n \nA size validation fix similar to that in Commit 50619dbf8db7 (\"sctp: add \nsize validation when walking chunks\") is also required in sctp_sf_ootb() \nto address a crash reported by syzbot: \n \n BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 \n sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 \n sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166 \n sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407 \n sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 \n sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243 \n sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159 \n ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205 \n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:15:51.000000Z"}]}