{"vulnerability": "cve-2024-5671", "sightings": [{"uuid": "83148b34-1e78-4aeb-9028-d087b6d30cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56710", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735259396110295", "content": "", "creation_timestamp": "2024-12-29T08:52:12.612789Z"}, {"uuid": "c62fe25b-b605-4118-b78b-1a5ea8c75456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56711", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735259410494399", "content": "", "creation_timestamp": "2024-12-29T08:52:13.123620Z"}, {"uuid": "cdd45538-5e55-43c9-b43b-38fb28871ce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56712", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735259425553816", "content": "", "creation_timestamp": "2024-12-29T08:52:13.178839Z"}, {"uuid": "bf34ae08-58f0-4450-a1b3-8aa431cafeb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56713", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735259439485555", "content": "", "creation_timestamp": "2024-12-29T08:52:13.484121Z"}, {"uuid": "db917129-37f4-457b-a3dd-3bd50fb5fec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56714", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735318439730031", "content": "", "creation_timestamp": "2024-12-29T09:07:13.563280Z"}, {"uuid": "9f98b4d0-f787-4fae-8b90-7ddf8922eeb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56715", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735318455435917", "content": "", "creation_timestamp": "2024-12-29T09:07:13.848372Z"}, {"uuid": "c51a0e2c-58fc-47d9-8feb-c3fc5ca9985d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56716", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735318470109070", "content": "", "creation_timestamp": "2024-12-29T09:07:14.227532Z"}, {"uuid": "214a56c8-0ac6-4b53-b050-b84759d7a047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56717", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735318485953258", "content": "", "creation_timestamp": "2024-12-29T09:07:14.370448Z"}, {"uuid": "87ea3adf-a6a6-4509-80f2-82c8847b1b4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56710", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legolldjs52a", "content": "", "creation_timestamp": "2024-12-29T09:15:29.687592Z"}, {"uuid": "b8aca1f9-b97b-4988-bf32-622a188e8497", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56711", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legolnuiyx2k", "content": "", "creation_timestamp": "2024-12-29T09:15:32.536432Z"}, {"uuid": "b2bfbf1f-4204-432a-a765-3a1816bba799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56712", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legolqkupw2i", "content": "", "creation_timestamp": "2024-12-29T09:15:35.077137Z"}, {"uuid": "3ea62fba-926a-4531-b616-b9996b1a1e8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56713", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legolsri2f2a", "content": "", "creation_timestamp": "2024-12-29T09:15:37.632865Z"}, {"uuid": "bc68b760-d406-4f95-95a5-cf227547131d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56714", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legoluvq3g2i", "content": "", "creation_timestamp": "2024-12-29T09:15:39.663806Z"}, {"uuid": "c952361d-3955-4867-bcdc-b5a80888d603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56715", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legolxrvqi2f", "content": "", "creation_timestamp": "2024-12-29T09:15:42.772423Z"}, {"uuid": "7d92661d-56d0-4881-b8e0-7a0f0885e556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56716", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legom27yra2f", "content": "", "creation_timestamp": "2024-12-29T09:15:45.340755Z"}, {"uuid": "7de6af2c-2361-455b-808d-6701dbd12f5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56717", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legom4ilkp2o", "content": "", "creation_timestamp": "2024-12-29T09:15:47.589326Z"}, {"uuid": "8ab52a37-becd-4e75-abeb-474f83953f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56718", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legomaenco2m", "content": "", "creation_timestamp": "2024-12-29T09:15:52.050807Z"}, {"uuid": "436e8c34-cbca-4080-8538-0191208d1de4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56719", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legomd3okf25", "content": "", "creation_timestamp": "2024-12-29T09:15:54.450090Z"}, {"uuid": "2929192e-c6dd-48d0-889d-b54202d92687", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56718", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735377486338881", "content": "", "creation_timestamp": "2024-12-29T09:22:14.629463Z"}, {"uuid": "8c487cd7-aeb0-4ec2-a880-7fe2b826071d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56719", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735377501320028", "content": "", "creation_timestamp": "2024-12-29T09:22:15.005204Z"}, {"uuid": "012926f5-ad5f-4cec-9089-feff829589e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56718", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113736078642861422", "content": "", "creation_timestamp": "2024-12-29T12:20:33.601239Z"}, {"uuid": "91776a31-7716-403a-bc5d-f54b50f680d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56719", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "a71b17ab-5a92-4948-8533-501ee53c8923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56718", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "8dc33e75-a521-4bbc-8abc-5da2f833dd02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-56712", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "110e6705-2131-4288-bd47-b34fe96fe2e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56717", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "7a6d85aa-328b-494c-b071-89f91113160f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56712", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "2ace1f50-92e5-4579-92dc-f48d45c1e68c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56712", "type": "seen", "source": "https://t.me/cvedetector/13864", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56712 - Linux udmabuf Memory Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-56712 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nudmabuf: fix memory leak on last export_udmabuf() error path \n \nIn export_udmabuf(), if dma_buf_fd() fails because the FD table is full, a \ndma_buf owning the udmabuf has already been created; but the error handling \nin udmabuf_create() will tear down the udmabuf without doing anything about \nthe containing dma_buf. \n \nThis leaves a dma_buf in memory that contains a dangling pointer; though \nthat doesn't seem to lead to anything bad except a memory leak. \n \nFix it by moving the dma_buf_fd() call out of export_udmabuf() so that we \ncan give it different error handling. \n \nNote that the shape of this code changed a lot in commit 5e72b2b41a21 \n(\"udmabuf: convert udmabuf driver to use folios\"); but the memory leak \nseems to have existed since the introduction of udmabuf. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:11.000000Z"}, {"uuid": "01b62a45-ec3e-4ff3-a795-1a42c1a904ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56711", "type": "seen", "source": "https://t.me/cvedetector/13863", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56711 - Linux Kernel DUI NULL Pointer Dereference (Valid existence of drm_mode_duplicate)\", \n \"Content\": \"CVE ID : CVE-2024-56711 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/panel: himax-hx83102: Add a check to prevent NULL pointer dereference \n \ndrm_mode_duplicate() could return NULL due to lack of memory, \nwhich will then call NULL pointer dereference. Add a check to \nprevent it. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:11.000000Z"}, {"uuid": "5b3009fd-a2b5-4866-88a0-8d39a3370411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56719", "type": "seen", "source": "https://t.me/cvedetector/13862", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56719 - \"DWC-eth-dwmac DMA Cookie Corruption Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-56719 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: stmmac: fix TSO DMA API usage causing oops \n \nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap \nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]'s \nmembers to be later in stmmac_tso_xmit(). \n \nThe buf (dma cookie) and len stored in this structure are passed to \ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that \nthe dma cookie passed to dma_unmap_single() is the same as the value \nreturned from dma_map_single(). However, by moving the assignment \nlater, this is not the case when priv->dma_cap.addr64 > 32 as \"des\" \nis offset by proto_hdr_len. \n \nThis causes problems such as: \n \n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed \n \nand with DMA_API_DEBUG enabled: \n \n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes] \n \nFix this by maintaining \"des\" as the original DMA cookie, and use \ntso_des to pass the offset DMA cookie to stmmac_tso_allocator(). \n \nFull details of the crashes can be found at: \n \n \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:10.000000Z"}, {"uuid": "084249b6-6717-4345-976f-25226c72ad3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56717", "type": "seen", "source": "https://t.me/cvedetector/13869", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56717 - \"DNX: Linux Kernel Net: Incorrect SRC_PORT Field In Ocelot Ifh Set Basic\"\", \n \"Content\": \"CVE ID : CVE-2024-56717 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: mscc: ocelot: fix incorrect IFH SRC_PORT field in ocelot_ifh_set_basic() \n \nPackets injected by the CPU should have a SRC_PORT field equal to the \nCPU port module index in the Analyzer block (ocelot->num_phys_ports). \n \nThe blamed commit copied the ocelot_ifh_set_basic() call incorrectly \nfrom ocelot_xmit_common() in net/dsa/tag_ocelot.c. Instead of calling \nwith \"x\", it calls with BIT_ULL(x), but the field is not a port mask, \nbut rather a single port index. \n \n[ side note: this is the technical debt of code duplication :( ] \n \nThe error used to be silent and doesn't appear to have other \nuser-visible manifestations, but with new changes in the packing \nlibrary, it now fails loudly as follows: \n \n------------[ cut here ]------------ \nCannot store 0x40 inside bits 46-43 - will truncate \nsja1105 spi2.0: xmit timed out \nWARNING: CPU: 1 PID: 102 at lib/packing.c:98 __pack+0x90/0x198 \nsja1105 spi2.0: timed out polling for tstamp \nCPU: 1 UID: 0 PID: 102 Comm: felix_xmit \nTainted: G W N 6.13.0-rc1-00372-gf706b85d972d-dirty #2605 \nCall trace: \n __pack+0x90/0x198 (P) \n __pack+0x90/0x198 (L) \n packing+0x78/0x98 \n ocelot_ifh_set_basic+0x260/0x368 \n ocelot_port_inject_frame+0xa8/0x250 \n felix_port_deferred_xmit+0x14c/0x258 \n kthread_worker_fn+0x134/0x350 \n kthread+0x114/0x138 \n \nThe code path pertains to the ocelot switchdev driver and to the felix \nsecondary DSA tag protocol, ocelot-8021q. Here seen with ocelot-8021q. \n \nThe messenger (packing) is not really to blame, so fix the original \ncommit instead. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:18.000000Z"}, {"uuid": "ece09607-504c-4bac-a81e-df946c5c4357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56716", "type": "seen", "source": "https://t.me/cvedetector/13868", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56716 - Netdevsim Kernel Information Disclosure and Crash Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-56716 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnetdevsim: prevent bad user input in nsim_dev_health_break_write() \n \nIf either a zero count or a large one is provided, kernel can crash. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:17.000000Z"}, {"uuid": "aa2c6a34-67ab-433f-a7a4-e39edd9b98fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56715", "type": "seen", "source": "https://t.me/cvedetector/13867", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56715 - Apache Linux Kernel Memory Leak\", \n \"Content\": \"CVE ID : CVE-2024-56715 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nionic: Fix netdev notifier unregister on failure \n \nIf register_netdev() fails, then the driver leaks the netdev notifier. \nFix this by calling ionic_lif_unregister() on register_netdev() \nfailure. This will also call ionic_lif_unregister_phc() if it has \nalready been registered. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:16.000000Z"}, {"uuid": "150db0ae-97a7-40da-82be-b6ebc6c8569a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56718", "type": "seen", "source": "https://t.me/cvedetector/13861", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56718 - Linux Kernel SMC Net Link Down Work Permission Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-56718 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet/smc: protect link down work from execute after lgr freed \n \nlink down work may be scheduled before lgr freed but execute \nafter lgr freed, which may result in crash. So it is need to \nhold a reference before shedule link down work, and put the \nreference after work executed or canceled. \n \nThe relevant crash call stack as follows: \n list_del corruption. prev->next should be ffffb638c9c0fe20, \n but was 0000000000000000 \n ------------[ cut here ]------------ \n kernel BUG at lib/list_debug.c:51! \n invalid opcode: 0000 [#1] SMP NOPTI \n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1 \n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014 \n Workqueue: events smc_link_down_work [smc] \n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47 \n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086 \n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000 \n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80 \n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38 \n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002 \n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0 \n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000 \n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0 \n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 \n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 \n PKRU: 55555554 \n Call Trace: \n rwsem_down_write_slowpath+0x17e/0x470 \n smc_link_down_work+0x3c/0x60 [smc] \n process_one_work+0x1ac/0x350 \n worker_thread+0x49/0x2f0 \n ? rescuer_thread+0x360/0x360 \n kthread+0x118/0x140 \n ? __kthread_bind_mask+0x60/0x60 \n ret_from_fork+0x1f/0x30 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:09.000000Z"}, {"uuid": "ab2f2d1e-71fe-4662-8233-8a6d77c8df68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56713", "type": "seen", "source": "https://t.me/cvedetector/13865", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56713 - Linux Kernel Rtnl Held and Error Propagation Issue\", \n \"Content\": \"CVE ID : CVE-2024-56713 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: netdevsim: fix nsim_pp_hold_write() \n \nnsim_pp_hold_write() has two problems: \n \n1) It may return with rtnl held, as found by syzbot. \n \n2) Its return value does not propagate an error if any. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:12.000000Z"}, {"uuid": "fb15a5f4-bd14-4c91-9d07-ac260b1824e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56710", "type": "seen", "source": "https://t.me/cvedetector/13872", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56710 - Ceph Linux Kernel Memory Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-56710 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nceph: fix memory leak in ceph_direct_read_write() \n \nThe bvecs array which is allocated in iter_get_bvecs_alloc() is leaked \nand pages remain pinned if ceph_alloc_sparse_ext_map() fails. \n \nThere is no need to delay the allocation of sparse_ext map until after \nthe bvecs array is set up, so fix this by moving sparse_ext allocation \na bit earlier. Also, make a similar adjustment in __ceph_sync_read() \nfor consistency (a leak of the same kind in __ceph_sync_read() has been \naddressed differently). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:24.000000Z"}, {"uuid": "800d4500-659f-4ab7-8951-c20040ad8215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56714", "type": "seen", "source": "https://t.me/cvedetector/13866", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-56714 - Ionic Double Destroy Workqueue Race Condition\", \n \"Content\": \"CVE ID : CVE-2024-56714 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nionic: no double destroy workqueue \n \nThere are some FW error handling paths that can cause us to \ntry to destroy the workqueue more than once, so let's be sure \nwe're checking for that. \n \nThe case where this popped up was in an AER event where the \nhandlers got called in such a way that ionic_reset_prepare() \nand thus ionic_dev_teardown() got called twice in a row. \nThe second time through the workqueue was already destroyed, \nand destroy_workqueue() choked on the bad wq pointer. \n \nWe didn't hit this in AER handler testing before because at \nthat time we weren't using a private workqueue. Later we \nreplaced the use of the system workqueue with our own private \nworkqueue but hadn't rerun the AER handler testing since then. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:16.000000Z"}, {"uuid": "bc0e4101-962a-4c71-aa23-899fe5994019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5671", "type": "seen", "source": "https://t.me/HackingInsights/2976", "content": "\u200aCVE-2024-5671 (CVSS 9.8) Exposes Trellix Intrusion Prevention System to Remote Attacks\n\nhttps://securityonline.info/cve-2024-5671-cvss-9-8-exposes-trellix-intrusion-prevention-system-to-remote-attacks/", "creation_timestamp": "2024-06-19T16:55:36.000000Z"}, {"uuid": "21c2c1fa-7979-4874-91e1-93b4ea6c1a6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56719", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260506", "content": "", "creation_timestamp": "2026-05-05T20:00:00.000000Z"}]}