{"uuid": "ed1cccb3-5017-456f-a7ea-65466b883eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50293", "type": "seen", "source": "https://t.me/cvedetector/11420", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50293 - Oracle Linux Linux Kernel SMC Dangling Sk Pointer Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50293 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet/smc: do not leave a dangling sk pointer in __smc_create()  \n  \nThanks to commit 4bbd360a5084 (\"socket: Print pf->create() when  \nit does not clear sock->sk on failure.\"), syzbot found an issue with AF_SMC:  \n  \nsmc_create must clear sock->sk on failure, family: 43, type: 1, protocol: 0  \n WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563  \nModules linked in:  \nCPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024  \n RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563  \nCode: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 <0f0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7  \nRSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246  \nRAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00  \nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000  \nRBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50  \nR10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8  \nR13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0  \nFS:  000055557b518380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000  \nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \nCR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 00000000003526f0  \nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000  \nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400  \nCall Trace:  \n   \n  sock_create net/socket.c:1616 [inline]  \n  __sys_socket_create net/socket.c:1653 [inline]  \n  __sys_socket+0x150/0x3c0 net/socket.c:1700  \n  __do_sys_socket net/socket.c:1714 [inline]  \n  __se_sys_socket net/socket.c:1712 [inline]  \n  \nFor reference, see commit 2d859aff775d (\"Merge branch  \n'do-not-leave-dangling-sk-pointers-in-pf-create-functions'\") \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:15:58.000000Z"}