{"vulnerability": "cve-2024-5790", "sightings": [{"uuid": "ef0bed7f-9750-4e35-bdb3-8f043f54eb84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57902", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrtzmhrqc2r", "content": "", "creation_timestamp": "2025-01-15T13:17:17.924660Z"}, {"uuid": "53c4ed49-fe6e-4e03-9b44-f78f34f9514c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57900", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrtzhyivf2f", "content": "", "creation_timestamp": "2025-01-15T13:17:13.357359Z"}, {"uuid": "c562c0dc-9577-44e0-9f21-113e909086dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57901", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrtzkbblm2h", "content": "", "creation_timestamp": "2025-01-15T13:17:15.865271Z"}, {"uuid": "e0b6201f-574a-4131-98b1-48b452edef0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57903", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrtzorcdx2n", "content": "", "creation_timestamp": "2025-01-15T13:17:20.572032Z"}, {"uuid": "9ec0fee8-a842-4f33-881b-f196a62200f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57901", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfrvq6scl42e", "content": "", "creation_timestamp": "2025-01-15T13:47:50.059063Z"}, {"uuid": "f8568eb8-be0a-440e-adf9-f1c549fc6f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57900", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfrvq6w3572u", "content": "", "creation_timestamp": "2025-01-15T13:47:50.673404Z"}, {"uuid": "56c47e04-a631-4625-b568-1c290b8a96ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57903", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfrvq74e6o2g", "content": "", "creation_timestamp": "2025-01-15T13:47:51.299488Z"}, {"uuid": "9406c3c2-ac14-41ba-9480-cb7eb2558c43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57904", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3sh3wtdy2b", "content": "", "creation_timestamp": "2025-01-19T12:15:40.447173Z"}, {"uuid": "7bd5a73c-b4b7-4b94-a196-7dfcf358aa7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57905", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3sh5xwiw2c", "content": "", "creation_timestamp": "2025-01-19T12:15:42.507728Z"}, {"uuid": "1cd7ebf4-017a-4b63-a891-bae09d709b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57906", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3sha3z7d2h", "content": "", "creation_timestamp": "2025-01-19T12:15:44.887155Z"}, {"uuid": "906053df-f115-4ca0-870b-7180f09ef925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57907", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shd2rjy2f", "content": "", "creation_timestamp": "2025-01-19T12:15:47.960753Z"}, {"uuid": "da833e2d-905d-4b47-88d7-d891395c2311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57908", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shfault2h", "content": "", "creation_timestamp": "2025-01-19T12:15:50.119108Z"}, {"uuid": "f9da772b-0169-4959-ba57-4e7dc90c1b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57909", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shhlr3d2h", "content": "", "creation_timestamp": "2025-01-19T12:15:52.662731Z"}, {"uuid": "c47a8ac5-3489-4063-ae8b-fbbef587b562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57908", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2344", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57908\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: kmx61: fix information leak in triggered buffer\n\nThe 'buffer' local array is used to push data to user space from a\ntriggered buffer, but it does not set values for inactive channels, as\nit only uses iio_for_each_active_channel() to assign new values.\n\nInitialize the array to zero before using it to avoid pushing\nuninitialized information to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:31.714Z\n\ud83d\udccf Modified: 2025-01-19T11:52:31.714Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/6985ba4467e4b15b809043fa7740d1fb23a1897b\n2. https://git.kernel.org/stable/c/cde312e257b59ecaa0fad3af9ec7e2370bb24639\n3. https://git.kernel.org/stable/c/565814cbbaa674d2901428796801de49a611e59d\n4. https://git.kernel.org/stable/c/6ae053113f6a226a2303caa4936a4c37f3bfff7b", "creation_timestamp": "2025-01-19T11:58:41.000000Z"}, {"uuid": "4733c789-5547-4a06-8d89-5c2cef14d317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-57903", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "d57256e6-21ee-43b2-872e-15db4791627f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57909", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2343", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57909\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: bh1745: fix information leak in triggered buffer\n\nThe 'scan' local struct is used to push data to user space from a\ntriggered buffer, but it does not set values for inactive channels, as\nit only uses iio_for_each_active_channel() to assign new values.\n\nInitialize the struct to zero before using it to avoid pushing\nuninitialized information to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:32.408Z\n\ud83d\udccf Modified: 2025-01-19T11:52:32.408Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/1cca2a666e099aa018e5ab385f0a6e01a3053629\n2. https://git.kernel.org/stable/c/b62fbe3b8eedd3cf3c9ad0b7cb9f72c3f40815f0", "creation_timestamp": "2025-01-19T11:58:40.000000Z"}, {"uuid": "731386d8-7df4-4f51-8436-17846d64af8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57904", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2348", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57904\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: at91: call input_free_device() on allocated iio_dev\n\nCurrent implementation of at91_ts_register() calls input_free_deivce()\non st->ts_input, however, the err label can be reached before the\nallocated iio_dev is stored to st->ts_input. Thus call\ninput_free_device() on input instead of st->ts_input.\n\ud83d\udccf Published: 2025-01-19T11:52:28.982Z\n\ud83d\udccf Modified: 2025-01-19T11:52:28.982Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/25ef52f1c15db67d890b80203a911b9a57b0bf71\n2. https://git.kernel.org/stable/c/09e067e3c83e0695d338e8a26916e3c2bc44be02\n3. https://git.kernel.org/stable/c/d115b7f3ddc03b38bb7e8754601556fe9b4fc034\n4. https://git.kernel.org/stable/c/de6a73bad1743e9e81ea5a24c178c67429ff510b", "creation_timestamp": "2025-01-19T11:58:47.000000Z"}, {"uuid": "3edbe57b-44a2-428d-b129-afcc9ab80d24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57908", "type": "seen", "source": "Telegram/sQnoIxlmD_xBYaXriAIKW-itu_pQEMAjqMTTeke5H__1gf6r", "content": "", "creation_timestamp": "2025-02-18T21:11:31.000000Z"}, {"uuid": "72344e05-a479-48de-86ff-03e647b0f7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57901", "type": "seen", "source": "https://t.me/cvedetector/15448", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57901 - Linux Kernel af_packet VLAN Protocol Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57901 \nPublished : Jan. 15, 2025, 1:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \naf_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK  \n  \nBlamed commit forgot MSG_PEEK case, allowing a crash [1] as found  \nby syzbot.  \n  \nRework vlan_get_protocol_dgram() to not touch skb at all,  \nso that it can be used from many cpus on the same skb.  \n  \nAdd a const qualifier to skb argument.  \n  \n[1]  \nskbuff: skb_under_panic: text:ffffffff8a8ccd05 len:29 put:14 head:ffff88807fc8e400 data:ffff88807fc8e3f4 tail:0x11 end:0x140 dev:  \n------------[ cut here ]------------  \n kernel BUG at net/core/skbuff.c:206 !  \nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI  \nCPU: 1 UID: 0 PID: 5892 Comm: syz-executor883 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024  \n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]  \n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216  \nCode: 0b 8d 48 c7 c6 86 d5 25 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 5a 69 79 f7 48 83 c4 20 90 <0f0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3  \nRSP: 0018:ffffc900038d7638 EFLAGS: 00010282  \nRAX: 0000000000000087 RBX: dffffc0000000000 RCX: 609ffd18ea660600  \nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000  \nRBP: ffff88802483c8d0 R08: ffffffff817f0a8c R09: 1ffff9200071ae60  \nR10: dffffc0000000000 R11: fffff5200071ae61 R12: 0000000000000140  \nR13: ffff88807fc8e400 R14: ffff88807fc8e3f4 R15: 0000000000000011  \nFS:  00007fbac5e006c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000  \nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \nCR2: 00007fbac5e00d58 CR3: 000000001238e000 CR4: 00000000003526f0  \nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000  \nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400  \nCall Trace:  \n   \n  skb_push+0xe5/0x100 net/core/skbuff.c:2636  \n  vlan_get_protocol_dgram+0x165/0x290 net/packet/af_packet.c:585  \n  packet_recvmsg+0x948/0x1ef0 net/packet/af_packet.c:3552  \n  sock_recvmsg_nosec net/socket.c:1033 [inline]  \n  sock_recvmsg+0x22f/0x280 net/socket.c:1055  \n  ____sys_recvmsg+0x1c6/0x480 net/socket.c:2803  \n  ___sys_recvmsg net/socket.c:2845 [inline]  \n  do_recvmmsg+0x426/0xab0 net/socket.c:2940  \n  __sys_recvmmsg net/socket.c:3014 [inline]  \n  __do_sys_recvmmsg net/socket.c:3037 [inline]  \n  __se_sys_recvmmsg net/socket.c:3030 [inline]  \n  __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3030  \n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n  do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83  \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T15:06:49.000000Z"}, {"uuid": "1ba249b6-4174-4fdf-82d2-3bf3e7b522e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57903", "type": "seen", "source": "https://t.me/cvedetector/15450", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57903 - Linux kernel SO_REUSEPORT Inet Socket Restriction Comic Book Bug\", \n  \"Content\": \"CVE ID : CVE-2024-57903 \nPublished : Jan. 15, 2025, 1:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: restrict SO_REUSEPORT to inet sockets  \n  \nAfter blamed commit, crypto sockets could accidentally be destroyed  \nfrom RCU call back, as spotted by zyzbot [1].  \n  \nTrying to acquire a mutex in RCU callback is not allowed.  \n  \nRestrict SO_REUSEPORT socket option to inet sockets.  \n  \nv1 of this patch supported TCP, UDP and SCTP sockets,  \nbut fcnal-test.sh test needed RAW and ICMP support.  \n  \n[1]  \nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:562  \nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 24, name: ksoftirqd/1  \npreempt_count: 100, expected: 0  \nRCU nest depth: 0, expected: 0  \n1 lock held by ksoftirqd/1/24:  \n  #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]  \n  #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2561 [inline]  \n  #0: ffffffff8e937ba0 (rcu_callback){....}-{0:0}, at: rcu_core+0xa37/0x17a0 kernel/rcu/tree.c:2823  \nPreemption disabled at:  \n [] softirq_handle_begin kernel/softirq.c:402 [inline]  \n [] handle_softirqs+0x128/0x9b0 kernel/softirq.c:537  \nCPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc3-syzkaller-00174-ga024e377efed #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024  \nCall Trace:  \n   \n  __dump_stack lib/dump_stack.c:94 [inline]  \n  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120  \n  __might_resched+0x5d4/0x780 kernel/sched/core.c:8758  \n  __mutex_lock_common kernel/locking/mutex.c:562 [inline]  \n  __mutex_lock+0x131/0xee0 kernel/locking/mutex.c:735  \n  crypto_put_default_null_skcipher+0x18/0x70 crypto/crypto_null.c:179  \n  aead_release+0x3d/0x50 crypto/algif_aead.c:489  \n  alg_do_release crypto/af_alg.c:118 [inline]  \n  alg_sock_destruct+0x86/0xc0 crypto/af_alg.c:502  \n  __sk_destruct+0x58/0x5f0 net/core/sock.c:2260  \n  rcu_do_batch kernel/rcu/tree.c:2567 [inline]  \n  rcu_core+0xaaa/0x17a0 kernel/rcu/tree.c:2823  \n  handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561  \n  run_ksoftirqd+0xca/0x130 kernel/softirq.c:950  \n  smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164  \n  kthread+0x2f0/0x390 kernel/kthread.c:389  \n  ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147  \n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T15:06:54.000000Z"}, {"uuid": "3369b5de-bc45-4b39-aad4-f970feea860c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57902", "type": "seen", "source": "https://t.me/cvedetector/15449", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57902 - Linux Kernel af_packet: VLAN Get TCI Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57902 \nPublished : Jan. 15, 2025, 1:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \naf_packet: fix vlan_get_tci() vs MSG_PEEK  \n  \nBlamed commit forgot MSG_PEEK case, allowing a crash [1] as found  \nby syzbot.  \n  \nRework vlan_get_tci() to not touch skb at all,  \nso that it can be used from many cpus on the same skb.  \n  \nAdd a const qualifier to skb argument.  \n  \n[1]  \nskbuff: skb_under_panic: text:ffffffff8a8da482 len:32 put:14 head:ffff88807a1d5800 data:ffff88807a1d5810 tail:0x14 end:0x140 dev:  \n------------[ cut here ]------------  \n kernel BUG at net/core/skbuff.c:206 !  \nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI  \nCPU: 0 UID: 0 PID: 5880 Comm: syz-executor172 Not tainted 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024  \n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]  \n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216  \nCode: 0b 8d 48 c7 c6 9e 6c 26 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 3a 5a 79 f7 48 83 c4 20 90 <0f0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3  \nRSP: 0018:ffffc90003baf5b8 EFLAGS: 00010286  \nRAX: 0000000000000087 RBX: dffffc0000000000 RCX: 8565c1eec37aa000  \nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000  \nRBP: ffff88802616fb50 R08: ffffffff817f0a4c R09: 1ffff92000775e50  \nR10: dffffc0000000000 R11: fffff52000775e51 R12: 0000000000000140  \nR13: ffff88807a1d5800 R14: ffff88807a1d5810 R15: 0000000000000014  \nFS:  00007fa03261f6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000  \nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \nCR2: 00007ffd65753000 CR3: 0000000031720000 CR4: 00000000003526f0  \nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000  \nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400  \nCall Trace:  \n   \n  skb_push+0xe5/0x100 net/core/skbuff.c:2636  \n  vlan_get_tci+0x272/0x550 net/packet/af_packet.c:565  \n  packet_recvmsg+0x13c9/0x1ef0 net/packet/af_packet.c:3616  \n  sock_recvmsg_nosec net/socket.c:1044 [inline]  \n  sock_recvmsg+0x22f/0x280 net/socket.c:1066  \n  ____sys_recvmsg+0x1c6/0x480 net/socket.c:2814  \n  ___sys_recvmsg net/socket.c:2856 [inline]  \n  do_recvmmsg+0x426/0xab0 net/socket.c:2951  \n  __sys_recvmmsg net/socket.c:3025 [inline]  \n  __do_sys_recvmmsg net/socket.c:3048 [inline]  \n  __se_sys_recvmmsg net/socket.c:3041 [inline]  \n  __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3041  \n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n  do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T15:06:50.000000Z"}, {"uuid": "1dfbe04b-a43a-4249-8614-1dc5f68177da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57900", "type": "seen", "source": "https://t.me/cvedetector/15447", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57900 - \"Linux ILA Net Hooks Registration Race Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-57900 \nPublished : Jan. 15, 2025, 1:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nila: serialize calls to nf_register_net_hooks()  \n  \nsyzbot found a race in ila_add_mapping() [1]  \n  \ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")  \nattempted to fix a similar issue.  \n  \nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.  \n  \nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().  \n  \n[1]  \n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]  \n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604  \nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501  \n  \nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024  \nCall Trace:  \n   \n  __dump_stack lib/dump_stack.c:94 [inline]  \n  dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120  \n  print_address_description mm/kasan/report.c:378 [inline]  \n  print_report+0xc3/0x620 mm/kasan/report.c:489  \n  kasan_report+0xd9/0x110 mm/kasan/report.c:602  \n  rht_key_hashfn include/linux/rhashtable.h:159 [inline]  \n  __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604  \n  rhashtable_lookup include/linux/rhashtable.h:646 [inline]  \n  rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]  \n  ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]  \n  ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]  \n  ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185  \n  nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]  \n  nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626  \n  nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269  \n  NF_HOOK include/linux/netfilter.h:312 [inline]  \n  ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309  \n  __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672  \n  __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785  \n  process_backlog+0x443/0x15f0 net/core/dev.c:6117  \n  __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883  \n  napi_poll net/core/dev.c:6952 [inline]  \n  net_rx_action+0xa94/0x1010 net/core/dev.c:7074  \n  handle_softirqs+0x213/0x8f0 kernel/softirq.c:561  \n  __do_softirq kernel/softirq.c:595 [inline]  \n  invoke_softirq kernel/softirq.c:435 [inline]  \n  __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662  \n  irq_exit_rcu+0x9/0x30 kernel/softirq.c:678  \n  instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]  \n  sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T15:06:48.000000Z"}, {"uuid": "54aba7e4-ca27-460d-bca2-d6f5a77210f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57905", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2347", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57905\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ti-ads1119: fix information leak in triggered buffer\n\nThe 'scan' local struct is used to push data to user space from a\ntriggered buffer, but it has a hole between the sample (unsigned int)\nand the timestamp. This hole is never initialized.\n\nInitialize the struct to zero before using it to avoid pushing\nuninitialized information to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:29.699Z\n\ud83d\udccf Modified: 2025-01-19T11:52:29.699Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/2f1687cca911a2f294313c762e0646cd9e7be8cc\n2. https://git.kernel.org/stable/c/75f339d3ecd38cb1ce05357d647189d4a7f7ed08", "creation_timestamp": "2025-01-19T11:58:46.000000Z"}, {"uuid": "a6e721ab-2ac0-4c89-b6f4-e05182f70b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57906", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2346", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57906\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ti-ads8688: fix information leak in triggered buffer\n\nThe 'buffer' local array is used to push data to user space from a\ntriggered buffer, but it does not set values for inactive channels, as\nit only uses iio_for_each_active_channel() to assign new values.\n\nInitialize the array to zero before using it to avoid pushing\nuninitialized information to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:30.365Z\n\ud83d\udccf Modified: 2025-01-19T11:52:30.365Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/ebe2672bc42a0dfe31bb539f8ce79d024aa7e46d\n2. https://git.kernel.org/stable/c/455df95eb8f24a37abc549d6738fc8ee07eb623b\n3. https://git.kernel.org/stable/c/485570ed82b7a6bb109fa1d0a79998e21f7f4c73\n4. https://git.kernel.org/stable/c/2a7377ccfd940cd6e9201756aff1e7852c266e69", "creation_timestamp": "2025-01-19T11:58:42.000000Z"}, {"uuid": "9e3ff51a-dfea-43b6-89bb-71037c19b7d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57907", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2345", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57907\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: rockchip_saradc: fix information leak in triggered buffer\n\nThe 'data' local struct is used to push data to user space from a\ntriggered buffer, but it does not set values for inactive channels, as\nit only uses iio_for_each_active_channel() to assign new values.\n\nInitialize the struct to zero before using it to avoid pushing\nuninitialized information to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:31.039Z\n\ud83d\udccf Modified: 2025-01-19T11:52:31.039Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/5a95fbbecec7a34bbad5dcc3156700b8711d53c4\n2. https://git.kernel.org/stable/c/8193941bc4fe7247ff13233f328aea709f574554\n3. https://git.kernel.org/stable/c/38724591364e1e3b278b4053f102b49ea06ee17c", "creation_timestamp": "2025-01-19T11:58:42.000000Z"}, {"uuid": "0553f814-7bff-4c29-9c5d-2dad3abf747c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57909", "type": "seen", "source": "https://t.me/cvedetector/15866", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57909 - \"Linux IIO light bh1745 Information Leak\"\", \n  \"Content\": \"CVE ID : CVE-2024-57909 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \niio: light: bh1745: fix information leak in triggered buffer  \n  \nThe 'scan' local struct is used to push data to user space from a  \ntriggered buffer, but it does not set values for inactive channels, as  \nit only uses iio_for_each_active_channel() to assign new values.  \n  \nInitialize the struct to zero before using it to avoid pushing  \nuninitialized information to userspace. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:59:19.000000Z"}, {"uuid": "146161e0-5c66-4903-b551-7f968d3193b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57909", "type": "seen", "source": "Telegram/d_5nGhf0MWAPcY54XckF-b5CGAi9Nvdf7TVg6UxIZUirxEs1", "content": "", "creation_timestamp": "2025-02-18T21:11:31.000000Z"}, {"uuid": "65e5e5d5-8536-41fd-937f-d3aedb13baa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57907", "type": "seen", "source": "Telegram/ixzcc8daq1pB7ojwOcJbedlz_LPWj_fkJLdOovMfqFDDyFjJ", "content": "", "creation_timestamp": "2025-02-18T21:11:31.000000Z"}, {"uuid": "cabbd048-35ee-43a5-938e-bfecb8c2cb8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57906", "type": "seen", "source": "Telegram/t7DG41-XZq4pmUw9xxBBVMEK1KESLeLaCZ7p7eFYzgutHhy6", "content": "", "creation_timestamp": "2025-02-18T21:11:31.000000Z"}, {"uuid": "6fcab0b4-a27b-4f88-a05f-f1ae5e59d2be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57905", "type": "seen", "source": "Telegram/5L82iLY2phk6LzLYorTW034jdhF4N0sgUXd7qiDipYZvgQ9U", "content": "", "creation_timestamp": "2025-02-18T21:11:31.000000Z"}]}