{"vulnerability": "CVE-2022-4884", "sightings": [{"uuid": "66450148-08c2-490f-adf6-42c2e5aa4f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48849", "type": "seen", "source": "https://t.me/cvedetector/968", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-48849 - AMDgpu Tiling Flag Check Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-48849 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ndrm/amdgpu: bypass tiling flag check in virtual display case (v2)  \n  \nvkms leverages common amdgpu framebuffer creation, and  \nalso as it does not support FB modifier, there is no need  \nto check tiling flags when initing framebuffer when virtual  \ndisplay is enabled.  \n  \nThis can fix below calltrace:  \n  \namdgpu 0000:00:08.0: GFX9+ requires FB check based on format modifier  \nWARNING: CPU: 0 PID: 1023 at drivers/gpu/drm/amd/amdgpu/amdgpu_display.c:1150 amdgpu_display_framebuffer_init+0x8e7/0xb40 [amdgpu]  \n  \nv2: check adev->enable_virtual_display instead as vkms can be  \n enabled in bare metal as well. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:17:13.000000Z"}, {"uuid": "85d5cf57-5e32-4fd1-bd9a-b21489243f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2022-48844", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "59877639-002a-4e1e-9bf9-1f0a10f61d97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48848", "type": "seen", "source": "https://t.me/cvedetector/962", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-48848 - Linux Kernel trace-cmd Tracepoint Unregister Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-48848 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ntracing/osnoise: Do not unregister events twice  \n  \nNicolas reported that using:  \n  \n # trace-cmd record -e all -M 10 -p osnoise --poll  \n  \nResulted in the following kernel warning:  \n  \n ------------[ cut here ]------------  \n WARNING: CPU: 0 PID: 1217 at kernel/tracepoint.c:404 tracepoint_probe_unregister+0x280/0x370  \n [...]  \n CPU: 0 PID: 1217 Comm: trace-cmd Not tainted 5.17.0-rc6-next-20220307-nico+ #19  \n RIP: 0010:tracepoint_probe_unregister+0x280/0x370  \n [...]  \n CR2: 00007ff919b29497 CR3: 0000000109da4005 CR4: 0000000000170ef0  \n Call Trace:  \n    \n  osnoise_workload_stop+0x36/0x90  \n  tracing_set_tracer+0x108/0x260  \n  tracing_set_trace_write+0x94/0xd0  \n  ? __check_object_size.part.0+0x10a/0x150  \n  ? selinux_file_permission+0x104/0x150  \n  vfs_write+0xb5/0x290  \n  ksys_write+0x5f/0xe0  \n  do_syscall_64+0x3b/0x90  \n  entry_SYSCALL_64_after_hwframe+0x44/0xae  \n RIP: 0033:0x7ff919a18127  \n [...]  \n ---[ end trace 0000000000000000 ]---  \n  \nThe warning complains about an attempt to unregister an  \nunregistered tracepoint.  \n  \nThis happens on trace-cmd because it first stops tracing, and  \nthen switches the tracer to nop. Which is equivalent to:  \n  \n  # cd /sys/kernel/tracing/  \n  # echo osnoise > current_tracer  \n  # echo 0 > tracing_on  \n  # echo nop > current_tracer  \n  \nThe osnoise tracer stops the workload when no trace instance  \nis actually collecting data. This can be caused both by  \ndisabling tracing or disabling the tracer itself.  \n  \nTo avoid unregistering events twice, use the existing  \ntrace_osnoise_callback_enabled variable to check if the events  \n(and the workload) are actually active before trying to  \ndeactivate them. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:17:04.000000Z"}, {"uuid": "6b97ca01-8e88-47ca-9227-f1b425e6fde6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4884", "type": "seen", "source": "https://t.me/cibsecurity/56165", "content": "\u203c CVE-2022-4884 \u203c\n\nPath-Traversal in MKP storing in Tribe29 Checkmk <=2.0.0p32 and <= 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-09T22:11:17.000000Z"}]}