Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 02 Jun 2026 12:30:36 +0000 c140a324-e857-4bb7-bee6-ea1fd9088dbe https://vulnerability.circl.lu/sighting/c140a324-e857-4bb7-bee6-ea1fd9088dbe/export {"uuid": "c140a324-e857-4bb7-bee6-ea1fd9088dbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44959", "type": "seen", "source": "https://t.me/cvedetector/4844", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44959 - Linux tracefs RCU List Corruption\", \n \"Content\": \"CVE ID : CVE-2024-44959 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntracefs: Use generic inode RCU for synchronizing freeing \n \nWith structure layout randomization enabled for 'struct inode' we need to \navoid overlapping any of the RCU-used / initialized-only-once members, \ne.g. i_lru or i_sb_list to not corrupt related list traversals when making \nuse of the rcu_head. \n \nFor an unlucky structure layout of 'struct inode' we may end up with the \nfollowing splat when running the ftrace selftests: \n \n[<...] list_del corruption, ffff888103ee2cb0->next (tracefs_inode_cache+0x0/0x4e0 [slab object]) is NULL (prev is tracefs_inode_cache+0x78/0x4e0 [slab object]) \n[<...] ------------[ cut here ]------------ \n[<...] kernel BUG at lib/list_debug.c:54! \n[<...] invalid opcode: 0000 [#1] PREEMPT SMP KASAN \n[<...] CPU: 3 PID: 2550 Comm: mount Tainted: G N 6.8.12-grsec+ #122 ed2f536ca62f28b087b90e3cc906a8d25b3ddc65 \n[<...] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 \n[<...] RIP: 0010:[] __list_del_entry_valid_or_report+0x138/0x3e0 \n[<...] Code: 48 b8 99 fb 65 f2 ff ff ff ff e9 03 5c d9 fc cc 48 b8 99 fb 65 f2 ff ff ff ff e9 33 5a d9 fc cc 48 b8 99 fb 65 f2 ff ff ff ff 0b 4c 89 e9 48 89 ea 48 89 ee 48 c7 c7 60 8f dd 89 31 c0 e8 2f \n[<...] RSP: 0018:fffffe80416afaf0 EFLAGS: 00010283 \n[<...] RAX: 0000000000000098 RBX: ffff888103ee2cb0 RCX: 0000000000000000 \n[<...] RDX: ffffffff84655fe8 RSI: ffffffff89dd8b60 RDI: 0000000000000001 \n[<...] RBP: ffff888103ee2cb0 R08: 0000000000000001 R09: fffffbd0082d5f25 \n[<...] R10: fffffe80416af92f R11: 0000000000000001 R12: fdf99c16731d9b6d \n[<...] R13: 0000000000000000 R14: ffff88819ad4b8b8 R15: 0000000000000000 \n[<...] RBX: tracefs_inode_cache+0x0/0x4e0 [slab object] \n[<...] RDX: __list_del_entry_valid_or_report+0x108/0x3e0 \n[<...] RSI: __func__.47+0x4340/0x4400 \n[<...] RBP: tracefs_inode_cache+0x0/0x4e0 [slab object] \n[<...] RSP: process kstack fffffe80416afaf0+0x7af0/0x8000 [mount 2550 2550] \n[<...] R09: kasan shadow of process kstack fffffe80416af928+0x7928/0x8000 [mount 2550 2550] \n[<...] R10: process kstack fffffe80416af92f+0x792f/0x8000 [mount 2550 2550] \n[<...] R14: tracefs_inode_cache+0x78/0x4e0 [slab object] \n[<...] FS: 00006dcb380c1840(0000) GS:ffff8881e0600000(0000) knlGS:0000000000000000 \n[<...] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \n[<...] CR2: 000076ab72b30e84 CR3: 000000000b088004 CR4: 0000000000360ef0 shadow CR4: 0000000000360ef0 \n[<...] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 \n[<...] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 \n[<...] ASID: 0003 \n[<...] Stack: \n[<...] ffffffff818a2315 00000000f5c856ee ffffffff896f1840 ffff888103ee2cb0 \n[<...] ffff88812b6b9750 0000000079d714b6 fffffbfff1e9280b ffffffff8f49405f \n[<...] 0000000000000001 0000000000000000 ffff888104457280 ffffffff8248b392 \n[<...] Call Trace: \n[<...] \n[<...] [] ? lock_release+0x175/0x380 fffffe80416afaf0 \n[<...] [] list_lru_del+0x152/0x740 fffffe80416afb48 \n[<...] [] list_lru_del_obj+0x113/0x280 fffffe80416afb88 \n[<...] [] ? _atomic_dec_and_lock+0x119/0x200 fffffe80416afb90 \n[<...] [] iput_final+0x1c4/0x9a0 fffffe80416afbb8 \n[<...] [] dentry_unlink_inode+0x44b/0xaa0 fffffe80416afbf8 \n[<...] [] __dentry_kill+0x23c/0xf00 fffffe80416afc40 \n[<...] [] ? __this_cpu_preempt_check+0x1f/0xa0 fffffe80416afc48 \n[<...] [] ? shrink_dentry_list+0x1c5/0x760 fffffe80416afc70 \n[<...] [] ? shrink_dentry_list+0x51/0x760 fffffe80416afc78 \n[<...] [] shrink_dentry_list+0x288/0x760 fffffe80416afc80 \n[<...] [] shrink_dcache_sb+0x155/0x420 fffffe80416afcc8 \n[<...] [] ? debug_smp_[...]", "creation_timestamp": "2024-09-04T21:56:24.000000Z"} {"uuid": "c140a324-e857-4bb7-bee6-ea1fd9088dbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44959", "type": "seen", "source": "https://t.me/cvedetector/4844", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-44959 - Linux tracefs RCU List Corruption\", \n \"Content\": \"CVE ID : CVE-2024-44959 \nPublished : Sept. 4, 2024, 7:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntracefs: Use generic inode RCU for synchronizing freeing \n \nWith structure layout randomization enabled for 'struct inode' we need to \navoid overlapping any of the RCU-used / initialized-only-once members, \ne.g. i_lru or i_sb_list to not corrupt related list traversals when making \nuse of the rcu_head. \n \nFor an unlucky structure layout of 'struct inode' we may end up with the \nfollowing splat when running the ftrace selftests: \n \n[<...] list_del corruption, ffff888103ee2cb0->next (tracefs_inode_cache+0x0/0x4e0 [slab object]) is NULL (prev is tracefs_inode_cache+0x78/0x4e0 [slab object]) \n[<...] ------------[ cut here ]------------ \n[<...] kernel BUG at lib/list_debug.c:54! \n[<...] invalid opcode: 0000 [#1] PREEMPT SMP KASAN \n[<...] CPU: 3 PID: 2550 Comm: mount Tainted: G N 6.8.12-grsec+ #122 ed2f536ca62f28b087b90e3cc906a8d25b3ddc65 \n[<...] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 \n[<...] RIP: 0010:[] __list_del_entry_valid_or_report+0x138/0x3e0 \n[<...] Code: 48 b8 99 fb 65 f2 ff ff ff ff e9 03 5c d9 fc cc 48 b8 99 fb 65 f2 ff ff ff ff e9 33 5a d9 fc cc 48 b8 99 fb 65 f2 ff ff ff ff 0b 4c 89 e9 48 89 ea 48 89 ee 48 c7 c7 60 8f dd 89 31 c0 e8 2f \n[<...] RSP: 0018:fffffe80416afaf0 EFLAGS: 00010283 \n[<...] RAX: 0000000000000098 RBX: ffff888103ee2cb0 RCX: 0000000000000000 \n[<...] RDX: ffffffff84655fe8 RSI: ffffffff89dd8b60 RDI: 0000000000000001 \n[<...] RBP: ffff888103ee2cb0 R08: 0000000000000001 R09: fffffbd0082d5f25 \n[<...] R10: fffffe80416af92f R11: 0000000000000001 R12: fdf99c16731d9b6d \n[<...] R13: 0000000000000000 R14: ffff88819ad4b8b8 R15: 0000000000000000 \n[<...] RBX: tracefs_inode_cache+0x0/0x4e0 [slab object] \n[<...] RDX: __list_del_entry_valid_or_report+0x108/0x3e0 \n[<...] RSI: __func__.47+0x4340/0x4400 \n[<...] RBP: tracefs_inode_cache+0x0/0x4e0 [slab object] \n[<...] RSP: process kstack fffffe80416afaf0+0x7af0/0x8000 [mount 2550 2550] \n[<...] R09: kasan shadow of process kstack fffffe80416af928+0x7928/0x8000 [mount 2550 2550] \n[<...] R10: process kstack fffffe80416af92f+0x792f/0x8000 [mount 2550 2550] \n[<...] R14: tracefs_inode_cache+0x78/0x4e0 [slab object] \n[<...] FS: 00006dcb380c1840(0000) GS:ffff8881e0600000(0000) knlGS:0000000000000000 \n[<...] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \n[<...] CR2: 000076ab72b30e84 CR3: 000000000b088004 CR4: 0000000000360ef0 shadow CR4: 0000000000360ef0 \n[<...] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 \n[<...] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 \n[<...] ASID: 0003 \n[<...] Stack: \n[<...] ffffffff818a2315 00000000f5c856ee ffffffff896f1840 ffff888103ee2cb0 \n[<...] ffff88812b6b9750 0000000079d714b6 fffffbfff1e9280b ffffffff8f49405f \n[<...] 0000000000000001 0000000000000000 ffff888104457280 ffffffff8248b392 \n[<...] Call Trace: \n[<...] \n[<...] [] ? lock_release+0x175/0x380 fffffe80416afaf0 \n[<...] [] list_lru_del+0x152/0x740 fffffe80416afb48 \n[<...] [] list_lru_del_obj+0x113/0x280 fffffe80416afb88 \n[<...] [] ? _atomic_dec_and_lock+0x119/0x200 fffffe80416afb90 \n[<...] [] iput_final+0x1c4/0x9a0 fffffe80416afbb8 \n[<...] [] dentry_unlink_inode+0x44b/0xaa0 fffffe80416afbf8 \n[<...] [] __dentry_kill+0x23c/0xf00 fffffe80416afc40 \n[<...] [] ? __this_cpu_preempt_check+0x1f/0xa0 fffffe80416afc48 \n[<...] [] ? shrink_dentry_list+0x1c5/0x760 fffffe80416afc70 \n[<...] [] ? shrink_dentry_list+0x51/0x760 fffffe80416afc78 \n[<...] [] shrink_dentry_list+0x288/0x760 fffffe80416afc80 \n[<...] [] shrink_dcache_sb+0x155/0x420 fffffe80416afcc8 \n[<...] [] ? debug_smp_[...]", "creation_timestamp": "2024-09-04T21:56:24.000000Z"} https://vulnerability.circl.lu/sighting/c140a324-e857-4bb7-bee6-ea1fd9088dbe/export Wed, 04 Sep 2024 21:56:24 +0000