<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 03 Jul 2026 23:22:11 +0000</lastBuildDate>
    <item>
      <title>1ce74025-ed21-4a53-a39d-35aac58ccec8</title>
      <link>https://vulnerability.circl.lu/sighting/1ce74025-ed21-4a53-a39d-35aac58ccec8/export</link>
      <description>{"uuid": "1ce74025-ed21-4a53-a39d-35aac58ccec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-44938", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}</description>
      <content:encoded>{"uuid": "1ce74025-ed21-4a53-a39d-35aac58ccec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-44938", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1ce74025-ed21-4a53-a39d-35aac58ccec8/export</guid>
      <pubDate>Wed, 03 Dec 2025 14:14:49 +0000</pubDate>
    </item>
    <item>
      <title>8b08c11d-38c8-4470-82c4-1378adbe3a5e</title>
      <link>https://vulnerability.circl.lu/sighting/8b08c11d-38c8-4470-82c4-1378adbe3a5e/export</link>
      <description>{"uuid": "8b08c11d-38c8-4470-82c4-1378adbe3a5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-44939", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}</description>
      <content:encoded>{"uuid": "8b08c11d-38c8-4470-82c4-1378adbe3a5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-44939", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8b08c11d-38c8-4470-82c4-1378adbe3a5e/export</guid>
      <pubDate>Wed, 03 Dec 2025 14:14:49 +0000</pubDate>
    </item>
    <item>
      <title>e20df464-c98b-4733-af0d-0145233309e9</title>
      <link>https://vulnerability.circl.lu/sighting/e20df464-c98b-4733-af0d-0145233309e9/export</link>
      <description>{"uuid": "e20df464-c98b-4733-af0d-0145233309e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44935", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}</description>
      <content:encoded>{"uuid": "e20df464-c98b-4733-af0d-0145233309e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44935", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e20df464-c98b-4733-af0d-0145233309e9/export</guid>
      <pubDate>Thu, 14 Aug 2025 10:00:00 +0000</pubDate>
    </item>
    <item>
      <title>c963c8b5-c01d-43f8-821b-a5781e5f180f</title>
      <link>https://vulnerability.circl.lu/sighting/c963c8b5-c01d-43f8-821b-a5781e5f180f/export</link>
      <description>{"uuid": "c963c8b5-c01d-43f8-821b-a5781e5f180f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44930", "type": "seen", "source": "https://t.me/cvedetector/4441", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44930 - Serilog Client IP Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44930 \nPublished : Aug. 29, 2024, 6:15 p.m. | 44\u00a0minutes ago \nDescription : Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T21:14:44.000000Z"}</description>
      <content:encoded>{"uuid": "c963c8b5-c01d-43f8-821b-a5781e5f180f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44930", "type": "seen", "source": "https://t.me/cvedetector/4441", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44930 - Serilog Client IP Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44930 \nPublished : Aug. 29, 2024, 6:15 p.m. | 44\u00a0minutes ago \nDescription : Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T21:14:44.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c963c8b5-c01d-43f8-821b-a5781e5f180f/export</guid>
      <pubDate>Thu, 29 Aug 2024 21:14:44 +0000</pubDate>
    </item>
    <item>
      <title>39c10b11-4b75-4e0b-a514-fb0ba50c2085</title>
      <link>https://vulnerability.circl.lu/sighting/39c10b11-4b75-4e0b-a514-fb0ba50c2085/export</link>
      <description>{"uuid": "39c10b11-4b75-4e0b-a514-fb0ba50c2085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44938", "type": "seen", "source": "https://t.me/cvedetector/4136", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44938 - Linux Kernel JFS ArrayIndexOutOfBoundsException\", \n  \"Content\": \"CVE ID : CVE-2024-44938 \nPublished : Aug. 26, 2024, 12:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \njfs: Fix shift-out-of-bounds in dbDiscardAG  \n  \nWhen searching for the next smaller log2 block, BLKSTOL2() returned 0,  \ncausing shift exponent -1 to be negative.  \n  \nThis patch fixes the issue by exiting the loop directly when negative  \nshift is found. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T15:23:56.000000Z"}</description>
      <content:encoded>{"uuid": "39c10b11-4b75-4e0b-a514-fb0ba50c2085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44938", "type": "seen", "source": "https://t.me/cvedetector/4136", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44938 - Linux Kernel JFS ArrayIndexOutOfBoundsException\", \n  \"Content\": \"CVE ID : CVE-2024-44938 \nPublished : Aug. 26, 2024, 12:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \njfs: Fix shift-out-of-bounds in dbDiscardAG  \n  \nWhen searching for the next smaller log2 block, BLKSTOL2() returned 0,  \ncausing shift exponent -1 to be negative.  \n  \nThis patch fixes the issue by exiting the loop directly when negative  \nshift is found. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T15:23:56.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/39c10b11-4b75-4e0b-a514-fb0ba50c2085/export</guid>
      <pubDate>Mon, 26 Aug 2024 15:23:56 +0000</pubDate>
    </item>
    <item>
      <title>f0ba9473-f852-4904-a0df-9d45bb654664</title>
      <link>https://vulnerability.circl.lu/sighting/f0ba9473-f852-4904-a0df-9d45bb654664/export</link>
      <description>{"uuid": "f0ba9473-f852-4904-a0df-9d45bb654664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44939", "type": "seen", "source": "https://t.me/cvedetector/4134", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44939 - Linux Kernel JFS Null Pointer Dereference\", \n  \"Content\": \"CVE ID : CVE-2024-44939 \nPublished : Aug. 26, 2024, 12:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \njfs: fix null ptr deref in dtInsertEntry  \n  \n[syzbot reported]  \ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI  \nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]  \nCPU: 0 PID: 5061 Comm: syz-executor404 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024  \nRIP: 0010:dtInsertEntry+0xd0c/0x1780 fs/jfs/jfs_dtree.c:3713  \n...  \n[Analyze]  \nIn dtInsertEntry(), when the pointer h has the same value as p, after writing  \nname in UniStrncpy_to_le(), p-&amp;gt;header.flag will be cleared. This will cause the  \npreviously true judgment \"p-&amp;gt;header.flag &amp;amp; BT-LEAF\" to change to no after writing  \nthe name operation, this leads to entering an incorrect branch and accessing the  \nuninitialized object ih when judging this condition for the second time.  \n  \n[Fix]  \nAfter got the page, check freelist first, if freelist == 0 then exit dtInsert()  \nand return -EINVAL. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T15:23:52.000000Z"}</description>
      <content:encoded>{"uuid": "f0ba9473-f852-4904-a0df-9d45bb654664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44939", "type": "seen", "source": "https://t.me/cvedetector/4134", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44939 - Linux Kernel JFS Null Pointer Dereference\", \n  \"Content\": \"CVE ID : CVE-2024-44939 \nPublished : Aug. 26, 2024, 12:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \njfs: fix null ptr deref in dtInsertEntry  \n  \n[syzbot reported]  \ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI  \nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]  \nCPU: 0 PID: 5061 Comm: syz-executor404 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024  \nRIP: 0010:dtInsertEntry+0xd0c/0x1780 fs/jfs/jfs_dtree.c:3713  \n...  \n[Analyze]  \nIn dtInsertEntry(), when the pointer h has the same value as p, after writing  \nname in UniStrncpy_to_le(), p-&amp;gt;header.flag will be cleared. This will cause the  \npreviously true judgment \"p-&amp;gt;header.flag &amp;amp; BT-LEAF\" to change to no after writing  \nthe name operation, this leads to entering an incorrect branch and accessing the  \nuninitialized object ih when judging this condition for the second time.  \n  \n[Fix]  \nAfter got the page, check freelist first, if freelist == 0 then exit dtInsert()  \nand return -EINVAL. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T15:23:52.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f0ba9473-f852-4904-a0df-9d45bb654664/export</guid>
      <pubDate>Mon, 26 Aug 2024 15:23:52 +0000</pubDate>
    </item>
    <item>
      <title>8e7f5716-d639-4b01-a286-4b5612b8907e</title>
      <link>https://vulnerability.circl.lu/sighting/8e7f5716-d639-4b01-a286-4b5612b8907e/export</link>
      <description>{"uuid": "8e7f5716-d639-4b01-a286-4b5612b8907e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44931", "type": "seen", "source": "https://t.me/cvedetector/4122", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44931 - Linux Kernel GPIO Spectre Information Leak\", \n  \"Content\": \"CVE ID : CVE-2024-44931 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ngpio: prevent potential speculation leaks in gpio_device_get_desc()  \n  \nUserspace may trigger a speculative read of an address outside the gpio  \ndescriptor array.  \nUsers can do that by calling gpio_ioctl() with an offset out of range.  \nOffset is copied from user and then used as an array index to get  \nthe gpio descriptor without sanitization in gpio_device_get_desc().  \n  \nThis change ensures that the offset is sanitized by using  \narray_index_nospec() to mitigate any possibility of speculative  \ninformation leaks.  \n  \nThis bug was discovered and resolved using Coverity Static Analysis  \nSecurity Testing (SAST) by Synopsys, Inc. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:51.000000Z"}</description>
      <content:encoded>{"uuid": "8e7f5716-d639-4b01-a286-4b5612b8907e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44931", "type": "seen", "source": "https://t.me/cvedetector/4122", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44931 - Linux Kernel GPIO Spectre Information Leak\", \n  \"Content\": \"CVE ID : CVE-2024-44931 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ngpio: prevent potential speculation leaks in gpio_device_get_desc()  \n  \nUserspace may trigger a speculative read of an address outside the gpio  \ndescriptor array.  \nUsers can do that by calling gpio_ioctl() with an offset out of range.  \nOffset is copied from user and then used as an array index to get  \nthe gpio descriptor without sanitization in gpio_device_get_desc().  \n  \nThis change ensures that the offset is sanitized by using  \narray_index_nospec() to mitigate any possibility of speculative  \ninformation leaks.  \n  \nThis bug was discovered and resolved using Coverity Static Analysis  \nSecurity Testing (SAST) by Synopsys, Inc. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:51.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/8e7f5716-d639-4b01-a286-4b5612b8907e/export</guid>
      <pubDate>Mon, 26 Aug 2024 13:42:51 +0000</pubDate>
    </item>
    <item>
      <title>c6b4098a-767e-4200-8e25-4385751e26d3</title>
      <link>https://vulnerability.circl.lu/sighting/c6b4098a-767e-4200-8e25-4385751e26d3/export</link>
      <description>{"uuid": "c6b4098a-767e-4200-8e25-4385751e26d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44932", "type": "seen", "source": "https://t.me/cvedetector/4120", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44932 - Linux Kernel idpf Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44932 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nidpf: fix UAFs when destroying the queues  \n  \nThe second tagged commit started sometimes (very rarely, but possible)  \nthrowing WARNs from  \nnet/core/page_pool.c:page_pool_disable_direct_recycling().  \nTurned out idpf frees interrupt vectors with embedded NAPIs *before*  \nfreeing the queues making page_pools' NAPI pointers lead to freed  \nmemory before these pools are destroyed by libeth.  \nIt's not clear whether there are other accesses to the freed vectors  \nwhen destroying the queues, but anyway, we usually free queue/interrupt  \nvectors only when the queues are destroyed and the NAPIs are guaranteed  \nto not be referenced anywhere.  \n  \nInvert the allocation and freeing logic making queue/interrupt vectors  \nbe allocated first and freed last. Vectors don't require queues to be  \npresent, so this is safe. Additionally, this change allows to remove  \nthat useless queue-&amp;gt;q_vector pointer cleanup, as vectors are still  \nvalid when freeing the queues (+ both are freed within one function,  \nso it's not clear why nullify the pointers at all). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:50.000000Z"}</description>
      <content:encoded>{"uuid": "c6b4098a-767e-4200-8e25-4385751e26d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44932", "type": "seen", "source": "https://t.me/cvedetector/4120", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44932 - Linux Kernel idpf Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44932 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nidpf: fix UAFs when destroying the queues  \n  \nThe second tagged commit started sometimes (very rarely, but possible)  \nthrowing WARNs from  \nnet/core/page_pool.c:page_pool_disable_direct_recycling().  \nTurned out idpf frees interrupt vectors with embedded NAPIs *before*  \nfreeing the queues making page_pools' NAPI pointers lead to freed  \nmemory before these pools are destroyed by libeth.  \nIt's not clear whether there are other accesses to the freed vectors  \nwhen destroying the queues, but anyway, we usually free queue/interrupt  \nvectors only when the queues are destroyed and the NAPIs are guaranteed  \nto not be referenced anywhere.  \n  \nInvert the allocation and freeing logic making queue/interrupt vectors  \nbe allocated first and freed last. Vectors don't require queues to be  \npresent, so this is safe. Additionally, this change allows to remove  \nthat useless queue-&amp;gt;q_vector pointer cleanup, as vectors are still  \nvalid when freeing the queues (+ both are freed within one function,  \nso it's not clear why nullify the pointers at all). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:50.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c6b4098a-767e-4200-8e25-4385751e26d3/export</guid>
      <pubDate>Mon, 26 Aug 2024 13:42:50 +0000</pubDate>
    </item>
    <item>
      <title>1384a0d1-eb14-40bc-a252-60d539ae08bb</title>
      <link>https://vulnerability.circl.lu/sighting/1384a0d1-eb14-40bc-a252-60d539ae08bb/export</link>
      <description>{"uuid": "1384a0d1-eb14-40bc-a252-60d539ae08bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44933", "type": "seen", "source": "https://t.me/cvedetector/4118", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44933 - \"BNXT Linux Kernel Memory Out-of-Bounds Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-44933 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl()  \n  \nA recent commit has modified the code in __bnxt_reserve_rings() to  \nset the default RSS indirection table to default only when the number  \nof RX rings is changing.  While this works for newer firmware that  \nrequires RX ring reservations, it causes the regression on older  \nfirmware not requiring RX ring resrvations (BNXT_NEW_RM() returns  \nfalse).  \n  \nWith older firmware, RX ring reservations are not required and so  \nhw_resc-&amp;gt;resv_rx_rings is not always set to the proper value.  The  \ncomparison:  \n  \nif (old_rx_rings != bp-&amp;gt;hw_resc.resv_rx_rings)  \n  \nin __bnxt_reserve_rings() may be false even when the RX rings are  \nchanging.  This will cause __bnxt_reserve_rings() to skip setting  \nthe default RSS indirection table to default to match the current  \nnumber of RX rings.  This may later cause bnxt_fill_hw_rss_tbl() to  \nuse an out-of-range index.  \n  \nWe already have bnxt_check_rss_tbl_no_rmgr() to handle exactly this  \nscenario.  We just need to move it up in bnxt_need_reserve_rings()  \nto be called unconditionally when using older firmware.  Without the  \nfix, if the TX rings are changing, we'll skip the  \nbnxt_check_rss_tbl_no_rmgr() call and __bnxt_reserve_rings() may also  \nskip the bnxt_set_dflt_rss_indir_tbl() call for the reason explained  \nin the last paragraph.  Without setting the default RSS indirection  \ntable to default, it causes the regression:  \n  \nBUG: KASAN: slab-out-of-bounds in __bnxt_hwrm_vnic_set_rss+0xb79/0xe40  \nRead of size 2 at addr ffff8881c5809618 by task ethtool/31525  \nCall Trace:  \n__bnxt_hwrm_vnic_set_rss+0xb79/0xe40  \n bnxt_hwrm_vnic_rss_cfg_p5+0xf7/0x460  \n __bnxt_setup_vnic_p5+0x12e/0x270  \n __bnxt_open_nic+0x2262/0x2f30  \n bnxt_open_nic+0x5d/0xf0  \n ethnl_set_channels+0x5d4/0xb30  \n ethnl_default_set_doit+0x2f1/0x620 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:45.000000Z"}</description>
      <content:encoded>{"uuid": "1384a0d1-eb14-40bc-a252-60d539ae08bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44933", "type": "seen", "source": "https://t.me/cvedetector/4118", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44933 - \"BNXT Linux Kernel Memory Out-of-Bounds Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-44933 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbnxt_en : Fix memory out-of-bounds in bnxt_fill_hw_rss_tbl()  \n  \nA recent commit has modified the code in __bnxt_reserve_rings() to  \nset the default RSS indirection table to default only when the number  \nof RX rings is changing.  While this works for newer firmware that  \nrequires RX ring reservations, it causes the regression on older  \nfirmware not requiring RX ring resrvations (BNXT_NEW_RM() returns  \nfalse).  \n  \nWith older firmware, RX ring reservations are not required and so  \nhw_resc-&amp;gt;resv_rx_rings is not always set to the proper value.  The  \ncomparison:  \n  \nif (old_rx_rings != bp-&amp;gt;hw_resc.resv_rx_rings)  \n  \nin __bnxt_reserve_rings() may be false even when the RX rings are  \nchanging.  This will cause __bnxt_reserve_rings() to skip setting  \nthe default RSS indirection table to default to match the current  \nnumber of RX rings.  This may later cause bnxt_fill_hw_rss_tbl() to  \nuse an out-of-range index.  \n  \nWe already have bnxt_check_rss_tbl_no_rmgr() to handle exactly this  \nscenario.  We just need to move it up in bnxt_need_reserve_rings()  \nto be called unconditionally when using older firmware.  Without the  \nfix, if the TX rings are changing, we'll skip the  \nbnxt_check_rss_tbl_no_rmgr() call and __bnxt_reserve_rings() may also  \nskip the bnxt_set_dflt_rss_indir_tbl() call for the reason explained  \nin the last paragraph.  Without setting the default RSS indirection  \ntable to default, it causes the regression:  \n  \nBUG: KASAN: slab-out-of-bounds in __bnxt_hwrm_vnic_set_rss+0xb79/0xe40  \nRead of size 2 at addr ffff8881c5809618 by task ethtool/31525  \nCall Trace:  \n__bnxt_hwrm_vnic_set_rss+0xb79/0xe40  \n bnxt_hwrm_vnic_rss_cfg_p5+0xf7/0x460  \n __bnxt_setup_vnic_p5+0x12e/0x270  \n __bnxt_open_nic+0x2262/0x2f30  \n bnxt_open_nic+0x5d/0xf0  \n ethnl_set_channels+0x5d4/0xb30  \n ethnl_default_set_doit+0x2f1/0x620 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:45.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1384a0d1-eb14-40bc-a252-60d539ae08bb/export</guid>
      <pubDate>Mon, 26 Aug 2024 13:42:45 +0000</pubDate>
    </item>
    <item>
      <title>ba81de14-b615-4ce2-9c7d-2125beab91c5</title>
      <link>https://vulnerability.circl.lu/sighting/ba81de14-b615-4ce2-9c7d-2125beab91c5/export</link>
      <description>{"uuid": "ba81de14-b615-4ce2-9c7d-2125beab91c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44934", "type": "seen", "source": "https://t.me/cvedetector/4116", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44934 - \"Fortinet Linux Kernel Bridge Multicast Use-After-Free Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-44934 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: bridge: mcast: wait for previous gc cycles when removing port  \n  \nsyzbot hit a use-after-free[1] which is caused because the bridge doesn't  \nmake sure that all previous garbage has been collected when removing a  \nport. What happens is:  \n      CPU 1                   CPU 2  \n start gc cycle           remove port  \n                         acquire gc lock first  \n wait for lock  \n                         call br_multicasg_gc() directly  \n acquire lock now but    free port  \n the port can be freed  \n while grp timers still  \n running  \n  \nMake sure all previous gc cycles have finished by using flush_work before  \nfreeing the port.  \n  \n[1]  \n  BUG: KASAN: slab-use-after-free in br_multicast_port_group_expired+0x4c0/0x550 net/bridge/br_multicast.c:861  \n  Read of size 8 at addr ffff888071d6d000 by task syz.5.1232/9699  \n  \n  CPU: 1 PID: 9699 Comm: syz.5.1232 Not tainted 6.10.0-rc5-syzkaller-00021-g24ca36a562d6 #0  \n  Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024  \n  Call Trace:  \n     \n   __dump_stack lib/dump_stack.c:88 [inline]  \n   dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114  \n   print_address_description mm/kasan/report.c:377 [inline]  \n   print_report+0xc3/0x620 mm/kasan/report.c:488  \n   kasan_report+0xd9/0x110 mm/kasan/report.c:601  \n   br_multicast_port_group_expired+0x4c0/0x550 net/bridge/br_multicast.c:861  \n   call_timer_fn+0x1a3/0x610 kernel/time/timer.c:1792  \n   expire_timers kernel/time/timer.c:1843 [inline]  \n   __run_timers+0x74b/0xaf0 kernel/time/timer.c:2417  \n   __run_timer_base kernel/time/timer.c:2428 [inline]  \n   __run_timer_base kernel/time/timer.c:2421 [inline]  \n   run_timer_base+0x111/0x190 kernel/time/timer.c:2437 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:43.000000Z"}</description>
      <content:encoded>{"uuid": "ba81de14-b615-4ce2-9c7d-2125beab91c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44934", "type": "seen", "source": "https://t.me/cvedetector/4116", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44934 - \"Fortinet Linux Kernel Bridge Multicast Use-After-Free Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-44934 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: bridge: mcast: wait for previous gc cycles when removing port  \n  \nsyzbot hit a use-after-free[1] which is caused because the bridge doesn't  \nmake sure that all previous garbage has been collected when removing a  \nport. What happens is:  \n      CPU 1                   CPU 2  \n start gc cycle           remove port  \n                         acquire gc lock first  \n wait for lock  \n                         call br_multicasg_gc() directly  \n acquire lock now but    free port  \n the port can be freed  \n while grp timers still  \n running  \n  \nMake sure all previous gc cycles have finished by using flush_work before  \nfreeing the port.  \n  \n[1]  \n  BUG: KASAN: slab-use-after-free in br_multicast_port_group_expired+0x4c0/0x550 net/bridge/br_multicast.c:861  \n  Read of size 8 at addr ffff888071d6d000 by task syz.5.1232/9699  \n  \n  CPU: 1 PID: 9699 Comm: syz.5.1232 Not tainted 6.10.0-rc5-syzkaller-00021-g24ca36a562d6 #0  \n  Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024  \n  Call Trace:  \n     \n   __dump_stack lib/dump_stack.c:88 [inline]  \n   dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114  \n   print_address_description mm/kasan/report.c:377 [inline]  \n   print_report+0xc3/0x620 mm/kasan/report.c:488  \n   kasan_report+0xd9/0x110 mm/kasan/report.c:601  \n   br_multicast_port_group_expired+0x4c0/0x550 net/bridge/br_multicast.c:861  \n   call_timer_fn+0x1a3/0x610 kernel/time/timer.c:1792  \n   expire_timers kernel/time/timer.c:1843 [inline]  \n   __run_timers+0x74b/0xaf0 kernel/time/timer.c:2417  \n   __run_timer_base kernel/time/timer.c:2428 [inline]  \n   __run_timer_base kernel/time/timer.c:2421 [inline]  \n   run_timer_base+0x111/0x190 kernel/time/timer.c:2437 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:43.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ba81de14-b615-4ce2-9c7d-2125beab91c5/export</guid>
      <pubDate>Mon, 26 Aug 2024 13:42:43 +0000</pubDate>
    </item>
  </channel>
</rss>
