https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 16:42:54 +0000 https://vulnerability.circl.lu/sighting/1eae9aa3-4697-42ca-8914-33d80bedfa08/export {"uuid": "1eae9aa3-4697-42ca-8914-33d80bedfa08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49285", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5434", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-49285\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: mma8452: use the correct logic to get mma8452_data\n\nThe original logic to get mma8452_data is wrong, the *dev point to\nthe device belong to iio_dev. we can't use this dev to find the\ncorrect i2c_client. The original logic happen to work because it\nfinally use dev->driver_data to get iio_dev. Here use the API\nto_i2c_client() is wrong and make reader confuse. To correct the\nlogic, it should be like this\n\n struct mma8452_data *data = iio_priv(dev_get_drvdata(dev));\n\nBut after commit 8b7651f25962 (\"iio: iio_device_alloc(): Remove\nunnecessary self drvdata\"), the upper logic also can't work.\nWhen try to show the avialable scale in userspace, will meet kernel\ndump, kernel handle NULL pointer dereference.\n\nSo use dev_to_iio_dev() to correct the logic.\n\nDual fixes tags as the second reflects when the bug was exposed, whilst\nthe first reflects when the original bug was introduced.\n\ud83d\udccf Published: 2025-02-26T01:56:25.096Z\n\ud83d\udccf Modified: 2025-02-26T01:56:25.096Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/4c0bb583a4444cce224e8661090cbffc98e2fe07\n2. https://git.kernel.org/stable/c/d2d9ebdbff79d87d27652578e6d1638ad3b5f3bf\n3. https://git.kernel.org/stable/c/c87b7b12f48db86ac9909894f4dc0107d7df6375", "creation_timestamp": "2025-02-26T02:23:38.000000Z"} {"uuid": "1eae9aa3-4697-42ca-8914-33d80bedfa08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49285", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5434", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-49285\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: mma8452: use the correct logic to get mma8452_data\n\nThe original logic to get mma8452_data is wrong, the *dev point to\nthe device belong to iio_dev. we can't use this dev to find the\ncorrect i2c_client. The original logic happen to work because it\nfinally use dev->driver_data to get iio_dev. Here use the API\nto_i2c_client() is wrong and make reader confuse. To correct the\nlogic, it should be like this\n\n struct mma8452_data *data = iio_priv(dev_get_drvdata(dev));\n\nBut after commit 8b7651f25962 (\"iio: iio_device_alloc(): Remove\nunnecessary self drvdata\"), the upper logic also can't work.\nWhen try to show the avialable scale in userspace, will meet kernel\ndump, kernel handle NULL pointer dereference.\n\nSo use dev_to_iio_dev() to correct the logic.\n\nDual fixes tags as the second reflects when the bug was exposed, whilst\nthe first reflects when the original bug was introduced.\n\ud83d\udccf Published: 2025-02-26T01:56:25.096Z\n\ud83d\udccf Modified: 2025-02-26T01:56:25.096Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/4c0bb583a4444cce224e8661090cbffc98e2fe07\n2. https://git.kernel.org/stable/c/d2d9ebdbff79d87d27652578e6d1638ad3b5f3bf\n3. https://git.kernel.org/stable/c/c87b7b12f48db86ac9909894f4dc0107d7df6375", "creation_timestamp": "2025-02-26T02:23:38.000000Z"} https://vulnerability.circl.lu/sighting/1eae9aa3-4697-42ca-8914-33d80bedfa08/export Wed, 26 Feb 2025 02:23:38 +0000 https://vulnerability.circl.lu/sighting/98521444-80a4-450a-b461-0acf439482d6/export {"uuid": "98521444-80a4-450a-b461-0acf439482d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2022-49285", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} {"uuid": "98521444-80a4-450a-b461-0acf439482d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2022-49285", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} https://vulnerability.circl.lu/sighting/98521444-80a4-450a-b461-0acf439482d6/export Wed, 03 Dec 2025 14:14:49 +0000