Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 23:01:13 +0000 c51dffd9-f5fb-4218-98b8-feace6bcdc65 https://vulnerability.circl.lu/sighting/c51dffd9-f5fb-4218-98b8-feace6bcdc65/export {"uuid": "c51dffd9-f5fb-4218-98b8-feace6bcdc65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49861", "type": "seen", "source": "https://t.me/cvedetector/8487", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49861 - Linux Kernel BPF Off-Path Write Weakness Cisco\", \n \"Content\": \"CVE ID : CVE-2024-49861 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbpf: Fix helper writes to read-only maps \n \nLonial found an issue that despite user- and BPF-side frozen BPF map \n(like in case of .rodata), it was still possible to write into it from \na BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT} \nas arguments. \n \nIn check_func_arg() when the argument is as mentioned, the meta->raw_mode \nis never set. Later, check_helper_mem_access(), under the case of \nPTR_TO_MAP_VALUE as register base type, it assumes BPF_READ for the \nsubsequent call to check_map_access_type() and given the BPF map is \nread-only it succeeds. \n \nThe helpers really need to be annotated as ARG_PTR_TO_{LONG,INT} | MEM_UNINIT \nwhen results are written into them as opposed to read out of them. The \nlatter indicates that it's okay to pass a pointer to uninitialized memory \nas the memory is written to anyway. \n \nHowever, ARG_PTR_TO_{LONG,INT} is a special case of ARG_PTR_TO_FIXED_SIZE_MEM \njust with additional alignment requirement. So it is better to just get \nrid of the ARG_PTR_TO_{LONG,INT} special cases altogether and reuse the \nfixed size memory types. For this, add MEM_ALIGNED to additionally ensure \nalignment given these helpers write directly into the args via * = val. \nThe .arg*_size has been initialized reflecting the actual sizeof(*). \n \nMEM_ALIGNED can only be used in combination with MEM_FIXED_SIZE annotated \nargument types, since in !MEM_FIXED_SIZE cases the verifier does not know \nthe buffer size a priori and therefore cannot blindly write * = val. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:00:56.000000Z"} {"uuid": "c51dffd9-f5fb-4218-98b8-feace6bcdc65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49861", "type": "seen", "source": "https://t.me/cvedetector/8487", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49861 - Linux Kernel BPF Off-Path Write Weakness Cisco\", \n \"Content\": \"CVE ID : CVE-2024-49861 \nPublished : Oct. 21, 2024, 1:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbpf: Fix helper writes to read-only maps \n \nLonial found an issue that despite user- and BPF-side frozen BPF map \n(like in case of .rodata), it was still possible to write into it from \na BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT} \nas arguments. \n \nIn check_func_arg() when the argument is as mentioned, the meta->raw_mode \nis never set. Later, check_helper_mem_access(), under the case of \nPTR_TO_MAP_VALUE as register base type, it assumes BPF_READ for the \nsubsequent call to check_map_access_type() and given the BPF map is \nread-only it succeeds. \n \nThe helpers really need to be annotated as ARG_PTR_TO_{LONG,INT} | MEM_UNINIT \nwhen results are written into them as opposed to read out of them. The \nlatter indicates that it's okay to pass a pointer to uninitialized memory \nas the memory is written to anyway. \n \nHowever, ARG_PTR_TO_{LONG,INT} is a special case of ARG_PTR_TO_FIXED_SIZE_MEM \njust with additional alignment requirement. So it is better to just get \nrid of the ARG_PTR_TO_{LONG,INT} special cases altogether and reuse the \nfixed size memory types. For this, add MEM_ALIGNED to additionally ensure \nalignment given these helpers write directly into the args via * = val. \nThe .arg*_size has been initialized reflecting the actual sizeof(*). \n \nMEM_ALIGNED can only be used in combination with MEM_FIXED_SIZE annotated \nargument types, since in !MEM_FIXED_SIZE cases the verifier does not know \nthe buffer size a priori and therefore cannot blindly write * = val. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T16:00:56.000000Z"} https://vulnerability.circl.lu/sighting/c51dffd9-f5fb-4218-98b8-feace6bcdc65/export Mon, 21 Oct 2024 16:00:56 +0000 81f996cf-218b-4370-b8c1-500c2b469d09 https://vulnerability.circl.lu/sighting/81f996cf-218b-4370-b8c1-500c2b469d09/export {"uuid": "81f996cf-218b-4370-b8c1-500c2b469d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-49861", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} {"uuid": "81f996cf-218b-4370-b8c1-500c2b469d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-49861", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} https://vulnerability.circl.lu/sighting/81f996cf-218b-4370-b8c1-500c2b469d09/export Wed, 03 Dec 2025 14:14:49 +0000 53c55a26-29e5-494d-8c93-6d0247803101 https://vulnerability.circl.lu/sighting/53c55a26-29e5-494d-8c93-6d0247803101/export {"uuid": "53c55a26-29e5-494d-8c93-6d0247803101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-49861", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} {"uuid": "53c55a26-29e5-494d-8c93-6d0247803101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-49861", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/53c55a26-29e5-494d-8c93-6d0247803101/export Thu, 19 Mar 2026 00:00:00 +0000