Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-03T08:40:45.078611+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/39a670a6-cbdd-495b-a31e-1e11c9cda1de/export 39a670a6-cbdd-495b-a31e-1e11c9cda1de 2026-06-03T08:40:45.560286+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "39a670a6-cbdd-495b-a31e-1e11c9cda1de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50278", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113507242973411637", "content": "", "creation_timestamp": "2024-11-19T02:24:38.354481Z"} 2024-11-19T02:24:38.354481+00:00 https://vulnerability.circl.lu/sighting/62dbab47-9ca4-438f-aa5f-e58d7618fba6/export 62dbab47-9ca4-438f-aa5f-e58d7618fba6 2026-06-03T08:40:45.560176+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "62dbab47-9ca4-438f-aa5f-e58d7618fba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50278", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/11428", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-50278 - \"linux kernel dm cache out-of-bounds access\"\", \n \"Content\": \"CVE ID : CVE-2024-50278 \nPublished : Nov. 19, 2024, 2:16 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndm cache: fix potential out-of-bounds access on the first resume \n \nOut-of-bounds access occurs if the fast device is expanded unexpectedly \nbefore the first-time resume of the cache table. This happens because \nexpanding the fast device requires reloading the cache table for \ncache_create to allocate new in-core data structures that fit the new \nsize, and the check in cache_preresume is not performed during the \nfirst resume, leading to the issue. \n \nReproduce steps: \n \n1. prepare component devices: \n \ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\" \ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\" \ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\" \ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct \n \n2. load a cache table of 512 cache blocks, and deliberately expand the \n fast device before resuming the cache, making the in-core data \n structures inadequate. \n \ndmsetup create cache --notable \ndmsetup reload cache --table \"0 524288 cache /dev/mapper/cmeta \\ \n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\" \ndmsetup reload cdata --table \"0 131072 linear /dev/sdc 8192\" \ndmsetup resume cdata \ndmsetup resume cache \n \n3. suspend the cache to write out the in-core dirty bitset and hint \n array, leading to out-of-bounds access to the dirty bitset at offset \n 0x40: \n \ndmsetup suspend cache \n \nKASAN reports: \n \n BUG: KASAN: vmalloc-out-of-bounds in is_dirty_callback+0x2b/0x80 \n Read of size 8 at addr ffffc90000085040 by task dmsetup/90 \n \n (...snip...) \n The buggy address belongs to the virtual mapping at \n [ffffc90000085000, ffffc90000087000) created by: \n cache_ctr+0x176a/0x35f0 \n \n (...snip...) \n Memory state around the buggy address: \n ffffc90000084f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 \n ffffc90000084f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 \n >ffffc90000085000: 00 00 00 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8 \n ^ \n ffffc90000085080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 \n ffffc90000085100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 \n \nFix by checking the size change on the first resume. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T04:16:10.000000Z"} 2024-11-19T04:16:10+00:00 https://vulnerability.circl.lu/sighting/b59a14c9-3c09-4cc9-8d64-7ad51dc64fb8/export b59a14c9-3c09-4cc9-8d64-7ad51dc64fb8 2026-06-03T08:40:45.560071+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b59a14c9-3c09-4cc9-8d64-7ad51dc64fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50278", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lwbhky6biw2y", "content": "", "creation_timestamp": "2025-08-13T09:00:04.717839Z"} 2025-08-13T09:00:04.717839+00:00 https://vulnerability.circl.lu/sighting/398cdb80-0eff-43ee-81ab-55b7bdbbb1a3/export 398cdb80-0eff-43ee-81ab-55b7bdbbb1a3 2026-06-03T08:40:45.557266+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "398cdb80-0eff-43ee-81ab-55b7bdbbb1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50278", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"} 2025-08-14T10:00:00+00:00