{"vulnerability": "cve-2024-5666", "sightings": [{"uuid": "a5a11735-6d38-41be-bcc3-abc00ad0f9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56660", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc24t5mb25", "content": "", "creation_timestamp": "2024-12-27T15:20:31.309690Z"}, {"uuid": "3a93fcf0-6f4a-4527-ac13-2eaeb615d449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56663", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2d624322", "content": "", "creation_timestamp": "2024-12-27T15:20:38.729221Z"}, {"uuid": "5fdfca9b-d62c-464a-8597-de11a2dfaf1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56666", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2kkhim25", "content": "", "creation_timestamp": "2024-12-27T15:20:46.438596Z"}, {"uuid": "43e0a39f-bac5-4602-ac3e-21de2b59409b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56661", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc26zydn2f", "content": "", "creation_timestamp": "2024-12-27T15:20:33.748893Z"}, {"uuid": "d8c58937-af79-4b42-949c-31d3093ab7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56668", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2pa2be25", "content": "", "creation_timestamp": "2024-12-27T15:20:51.351342Z"}, {"uuid": "21ce5123-c4d6-44d2-a750-95c42464024f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56662", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2b3wj42c", "content": "", "creation_timestamp": "2024-12-27T15:20:36.094012Z"}, {"uuid": "54dab4c6-25f6-40fa-8bc0-84ccce5287d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56664", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2fww2j2m", "content": "", "creation_timestamp": "2024-12-27T15:20:41.694764Z"}, {"uuid": "f909171a-1dd8-4fcc-b925-48d33693bc7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56665", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2i74ze2c", "content": "", "creation_timestamp": "2024-12-27T15:20:44.029355Z"}, {"uuid": "03540798-5ad4-4ccd-9999-fc99f8528ebd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56667", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2mrywc2i", "content": "", "creation_timestamp": "2024-12-27T15:20:48.874705Z"}, {"uuid": "1fa93093-0da4-44cb-91f3-d9ff4005623b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56669", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2ruyjf2i", "content": "", "creation_timestamp": "2024-12-27T15:20:54.333271Z"}, {"uuid": "0188c390-0624-4905-a213-33d65ed2e962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56662", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "2ef6aa02-d253-47f8-9346-a98d0e1ed581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56664", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvlahnw5xk2i", "content": "", "creation_timestamp": "2025-08-04T12:54:24.228647Z"}, {"uuid": "8a641d0f-e3fb-481d-8a39-d51b75629856", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56661", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "a338bf75-5f25-473b-84e1-af9b2a7d1f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56664", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3lwhluqui2w2q", "content": "", "creation_timestamp": "2025-08-15T19:33:05.429593Z"}, {"uuid": "f5804159-d0d4-4304-b440-da5039d27443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56665", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "ebc596ae-4a9e-464b-a806-e6805a41c8ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-56664", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "b426074a-96c5-4076-b955-025779856e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-56662", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "13428a98-fb48-4a95-8331-f552b709bc49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56660", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "e7dbc499-dcc3-46eb-90a4-fe546478bf5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56664", "type": "seen", "source": "https://t.me/cvedetector/13766", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56664 - Linux kernel bpf sockmap race condition vulnerability.\", \n \"Content\": \"CVE ID : CVE-2024-56664 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbpf, sockmap: Fix race between element replace and close() \n \nElement replace (with a socket different from the one stored) may race \nwith socket's close() link popping & unlinking. __sock_map_delete() \nunconditionally unrefs the (wrong) element: \n \n// set map[0] = s0 \nmap_update_elem(map, 0, s0) \n \n// drop fd of s0 \nclose(s0) \n sock_map_close() \n lock_sock(sk) (s0!) \n sock_map_remove_links(sk) \n link = sk_psock_link_pop() \n sock_map_unlink(sk, link) \n sock_map_delete_from_link \n // replace map[0] with s1 \n map_update_elem(map, 0, s1) \n sock_map_update_elem \n (s1!) lock_sock(sk) \n sock_map_update_common \n psock = sk_psock(sk) \n spin_lock(&stab->lock) \n osk = stab->sks[idx] \n sock_map_add_link(..., &stab->sks[idx]) \n sock_map_unref(osk, &stab->sks[idx]) \n psock = sk_psock(osk) \n sk_psock_put(sk, psock) \n if (refcount_dec_and_test(&psock)) \n sk_psock_drop(sk, psock) \n spin_unlock(&stab->lock) \n unlock_sock(sk) \n __sock_map_delete \n spin_lock(&stab->lock) \n sk = *psk // s1 replaced s0; sk == s1 \n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch \n sk = xchg(psk, NULL) \n if (sk) \n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle \n psock = sk_psock(sk) \n sk_psock_put(sk, psock) \n if (refcount_dec_and_test()) \n sk_psock_drop(sk, psock) \n spin_unlock(&stab->lock) \n release_sock(sk) \n \nThen close(map) enqueues bpf_map_free_deferred, which finally calls \nsock_map_free(). This results in some refcount_t warnings along with \na KASAN splat [1]. \n \nFix __sock_map_delete(), do not allow sock_map_unref() on elements that \nmay have been replaced. \n \n[1]: \nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330 \nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063 \n \nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125 \nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014 \nWorkqueue: events_unbound bpf_map_free_deferred \nCall Trace: \n \n dump_stack_lvl+0x68/0x90 \n print_report+0x174/0x4f6 \n kasan_report+0xb9/0x190 \n kasan_check_range+0x10f/0x1e0 \n sock_map_free+0x10e/0x330 \n bpf_map_free_deferred+0x173/0x320 \n process_one_work+0x846/0x1420 \n worker_thread+0x5b3/0xf80 \n kthread+0x29e/0x360 \n ret_from_fork+0x2d/0x70 \n ret_from_fork_asm+0x1a/0x30 \n \n \nAllocated by task 1202: \n kasan_save_stack+0x1e/0x40 \n kasan_save_track+0x10/0x30 \n __kasan_slab_alloc+0x85/0x90 \n kmem_cache_alloc_noprof+0x131/0x450 \n sk_prot_alloc+0x5b/0x220 \n sk_alloc+0x2c/0x870 \n unix_create1+0x88/0x8a0 \n unix_create+0xc5/0x180 \n __sock_create+0x241/0x650 \n __sys_socketpair+0x1ce/0x420 \n __x64_sys_socketpair+0x92/0x100 \n do_syscall_64+0x93/0x180 \n entry_SYSCALL_64_after_hwframe+0x76/0x7e \n \nFreed by task 46: \n kasan_save_s[...]", "creation_timestamp": "2024-12-27T16:50:57.000000Z"}, {"uuid": "61fdfd24-b2ea-4625-b30c-0b26fe7033f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56663", "type": "seen", "source": "https://t.me/cvedetector/13776", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56663 - \"WiFi: Linux Kernel NL80211 Attr Validation Off-By-One Buffer Overflow\"\", \n \"Content\": \"CVE ID : CVE-2024-56663 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nwifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one \n \nSince the netlink attribute range validation provides inclusive \nchecking, the *max* of attribute NL80211_ATTR_MLO_LINK_ID should be \nIEEE80211_MLD_MAX_NUM_LINKS - 1 otherwise causing an off-by-one. \n \nOne crash stack for demonstration: \n================================================================== \nBUG: KASAN: wild-memory-access in ieee80211_tx_control_port+0x3b6/0xca0 net/mac80211/tx.c:5939 \nRead of size 6 at addr 001102080000000c by task fuzzer.386/9508 \n \nCPU: 1 PID: 9508 Comm: syz.1.386 Not tainted 6.1.70 #2 \nCall Trace: \n \n __dump_stack lib/dump_stack.c:88 [inline] \n dump_stack_lvl+0x177/0x231 lib/dump_stack.c:106 \n print_report+0xe0/0x750 mm/kasan/report.c:398 \n kasan_report+0x139/0x170 mm/kasan/report.c:495 \n kasan_check_range+0x287/0x290 mm/kasan/generic.c:189 \n memcpy+0x25/0x60 mm/kasan/shadow.c:65 \n ieee80211_tx_control_port+0x3b6/0xca0 net/mac80211/tx.c:5939 \n rdev_tx_control_port net/wireless/rdev-ops.h:761 [inline] \n nl80211_tx_control_port+0x7b3/0xc40 net/wireless/nl80211.c:15453 \n genl_family_rcv_msg_doit+0x22e/0x320 net/netlink/genetlink.c:756 \n genl_family_rcv_msg net/netlink/genetlink.c:833 [inline] \n genl_rcv_msg+0x539/0x740 net/netlink/genetlink.c:850 \n netlink_rcv_skb+0x1de/0x420 net/netlink/af_netlink.c:2508 \n genl_rcv+0x24/0x40 net/netlink/genetlink.c:861 \n netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline] \n netlink_unicast+0x74b/0x8c0 net/netlink/af_netlink.c:1352 \n netlink_sendmsg+0x882/0xb90 net/netlink/af_netlink.c:1874 \n sock_sendmsg_nosec net/socket.c:716 [inline] \n __sock_sendmsg net/socket.c:728 [inline] \n ____sys_sendmsg+0x5cc/0x8f0 net/socket.c:2499 \n ___sys_sendmsg+0x21c/0x290 net/socket.c:2553 \n __sys_sendmsg net/socket.c:2582 [inline] \n __do_sys_sendmsg net/socket.c:2591 [inline] \n __se_sys_sendmsg+0x19e/0x270 net/socket.c:2589 \n do_syscall_x64 arch/x86/entry/common.c:51 [inline] \n do_syscall_64+0x45/0x90 arch/x86/entry/common.c:81 \n entry_SYSCALL_64_after_hwframe+0x63/0xcd \n \nUpdate the policy to ensure correct validation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:51:11.000000Z"}, {"uuid": "a1379243-9838-48e0-a072-f46d68df0d13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56662", "type": "seen", "source": "https://t.me/cvedetector/13775", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56662 - Linux ACPI Nfit Out-of-Bounds Read Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-56662 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nacpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl \n \nFix an issue detected by syzbot with KASAN: \n \nBUG: KASAN: vmalloc-out-of-bounds in cmd_to_func drivers/acpi/nfit/ \ncore.c:416 [inline] \nBUG: KASAN: vmalloc-out-of-bounds in acpi_nfit_ctl+0x20e8/0x24a0 \ndrivers/acpi/nfit/core.c:459 \n \nThe issue occurs in cmd_to_func when the call_pkg->nd_reserved2 \narray is accessed without verifying that call_pkg points to a buffer \nthat is appropriately sized as a struct nd_cmd_pkg. This can lead \nto out-of-bounds access and undefined behavior if the buffer does not \nhave sufficient space. \n \nTo address this, a check was added in acpi_nfit_ctl() to ensure that \nbuf is not NULL and that buf_len is less than sizeof(*call_pkg) \nbefore accessing it. This ensures safe access to the members of \ncall_pkg, including the nd_reserved2 array. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:51:07.000000Z"}, {"uuid": "4bb8e004-f214-4632-8491-5307bc55ad18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56668", "type": "seen", "source": "https://t.me/cvedetector/13771", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56668 - Intel IOMMU vt-d IOMMU NULL Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-56668 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \niommu/vt-d: Fix qi_batch NULL pointer with nested parent domain \n \nThe qi_batch is allocated when assigning cache tag for a domain. While \nfor nested parent domain, it is missed. Hence, when trying to map pages \nto the nested parent, NULL dereference occurred. Also, there is potential \nmemleak since there is no lock around domain->qi_batch allocation. \n \nTo solve it, add a helper for qi_batch allocation, and call it in both \nthe __cache_tag_assign_domain() and __cache_tag_assign_parent_domain(). \n \n BUG: kernel NULL pointer dereference, address: 0000000000000200 \n #PF: supervisor read access in kernel mode \n #PF: error_code(0x0000) - not-present page \n PGD 8104795067 P4D 0 \n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI \n CPU: 223 UID: 0 PID: 4357 Comm: qemu-system-x86 Not tainted 6.13.0-rc1-00028-g4b50c3c3b998-dirty #2632 \n Call Trace: \n ? __die+0x24/0x70 \n ? page_fault_oops+0x80/0x150 \n ? do_user_addr_fault+0x63/0x7b0 \n ? exc_page_fault+0x7c/0x220 \n ? asm_exc_page_fault+0x26/0x30 \n ? cache_tag_flush_range_np+0x13c/0x260 \n intel_iommu_iotlb_sync_map+0x1a/0x30 \n iommu_map+0x61/0xf0 \n batch_to_domain+0x188/0x250 \n iopt_area_fill_domains+0x125/0x320 \n ? rcu_is_watching+0x11/0x50 \n iopt_map_pages+0x63/0x100 \n iopt_map_common.isra.0+0xa7/0x190 \n iopt_map_user_pages+0x6a/0x80 \n iommufd_ioas_map+0xcd/0x1d0 \n iommufd_fops_ioctl+0x118/0x1c0 \n __x64_sys_ioctl+0x93/0xc0 \n do_syscall_64+0x71/0x140 \n entry_SYSCALL_64_after_hwframe+0x76/0x7e \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:51:04.000000Z"}, {"uuid": "50c2885c-4b8c-42e7-9503-b89fddcf492a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56667", "type": "seen", "source": "https://t.me/cvedetector/13770", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56667 - Intel Linux Kernel NULL Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-56667 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/i915: Fix NULL pointer dereference in capture_engine \n \nWhen the intel_context structure contains NULL, \nit raises a NULL pointer dereference error in drm_info(). \n \n(cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:51:00.000000Z"}, {"uuid": "397d25bc-723e-42df-8e5f-067043623408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56666", "type": "seen", "source": "https://t.me/cvedetector/13769", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56666 - AMD Linux Kernel Null Pointer Vulnerability (Dereference)\", \n \"Content\": \"CVE ID : CVE-2024-56666 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/amdkfd: Dereference null return value \n \nIn the function pqm_uninit there is a call-assignment of \"pdd = \nkfd_get_process_device_data\" which could be null, and this value was \nlater dereferenced without checking. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:50:59.000000Z"}, {"uuid": "bf66a2c0-84cd-471a-80e4-5d2565068bf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56665", "type": "seen", "source": "https://t.me/cvedetector/13768", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56665 - Linux Kernel BPF/Perf Unauthorized Program Array Access\", \n \"Content\": \"CVE ID : CVE-2024-56665 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog \n \nSyzbot reported [1] crash that happens for following tracing scenario: \n \n - create tracepoint perf event with attr.inherit=1, attach it to the \n process and set bpf program to it \n - attached process forks -> chid creates inherited event \n \n the new child event shares the parent's bpf program and tp_event \n (hence prog_array) which is global for tracepoint \n \n - exit both process and its child -> release both events \n - first perf_event_detach_bpf_prog call will release tp_event->prog_array \n and second perf_event_detach_bpf_prog will crash, because \n tp_event->prog_array is NULL \n \nThe fix makes sure the perf_event_detach_bpf_prog checks prog_array \nis valid before it tries to remove the bpf program from it. \n \n[1] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:50:59.000000Z"}, {"uuid": "bbc907d2-8a02-41a3-bf37-add8907e34d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56669", "type": "seen", "source": "https://t.me/cvedetector/13772", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56669 - \"Intel IOMMU Use-After-Free\"\", \n \"Content\": \"CVE ID : CVE-2024-56669 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \niommu/vt-d: Remove cache tags before disabling ATS \n \nThe current implementation removes cache tags after disabling ATS, \nleading to potential memory leaks and kernel crashes. Specifically, \nCACHE_TAG_DEVTLB type cache tags may still remain in the list even \nafter the domain is freed, causing a use-after-free condition. \n \nThis issue really shows up when multiple VFs from different PFs \npassed through to a single user-space process via vfio-pci. In such \ncases, the kernel may crash with kernel messages like: \n \n BUG: kernel NULL pointer dereference, address: 0000000000000014 \n PGD 19036a067 P4D 1940a3067 PUD 136c9b067 PMD 0 \n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI \n CPU: 74 UID: 0 PID: 3183 Comm: testCli Not tainted 6.11.9 #2 \n RIP: 0010:cache_tag_flush_range+0x9b/0x250 \n Call Trace: \n \n ? __die+0x1f/0x60 \n ? page_fault_oops+0x163/0x590 \n ? exc_page_fault+0x72/0x190 \n ? asm_exc_page_fault+0x22/0x30 \n ? cache_tag_flush_range+0x9b/0x250 \n ? cache_tag_flush_range+0x5d/0x250 \n intel_iommu_tlb_sync+0x29/0x40 \n intel_iommu_unmap_pages+0xfe/0x160 \n __iommu_unmap+0xd8/0x1a0 \n vfio_unmap_unpin+0x182/0x340 [vfio_iommu_type1] \n vfio_remove_dma+0x2a/0xb0 [vfio_iommu_type1] \n vfio_iommu_type1_ioctl+0xafa/0x18e0 [vfio_iommu_type1] \n \nMove cache_tag_unassign_domain() before iommu_disable_pci_caps() to fix \nit. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"27 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:51:05.000000Z"}]}