{"vulnerability": "CVE-2024-3588", "sightings": [{"uuid": "45c00c8e-6e09-4e7b-a124-d9c9eb02f368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35880", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3ljhgmnwwpm22", "content": "", "creation_timestamp": "2025-03-03T07:31:34.127364Z"}, {"uuid": "53c27c9b-d9e2-4933-bd37-14da25bfe87d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35880", "type": "seen", "source": "https://bsky.app/profile/0xor0ne.bsky.social/post/3lo4gjc5bkk2f", "content": "", "creation_timestamp": "2025-05-01T13:36:25.432639Z"}, {"uuid": "b8391948-90b2-4b8b-871f-2930083d99f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-35887", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "359d46e3-2803-43a1-8e8d-79b0bfc489dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35883", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14739", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35883\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nspi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe\n\nIn function pci1xxxx_spi_probe, there is a potential null pointer that\nmay be caused by a failed memory allocation by the function devm_kzalloc.\nHence, a null pointer check needs to be added to prevent null pointer\ndereferencing later in the code.\n\nTo fix this issue, spi_bus->spi_int[iter] should be checked. The memory\nallocated by devm_kzalloc will be automatically released, so just directly\nreturn -ENOMEM without worrying about memory leaks.\n\ud83d\udccf Published: 2024-05-19T08:34:40.035Z\n\ud83d\udccf Modified: 2025-05-04T09:07:32.530Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/4b31a226097cf8cc3c9de5e855d97757fdb2bf06\n2. https://git.kernel.org/stable/c/95e5d9eb26705a9a76d2ef8bcba9ee2e195d653d\n3. https://git.kernel.org/stable/c/1f886a7bfb3faf4c1021e73f045538008ce7634e", "creation_timestamp": "2025-05-04T09:17:45.000000Z"}, {"uuid": "193a1109-a044-47fc-9eb9-9708aebce50b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35885", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14738", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35885\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nmlxbf_gige: stop interface during shutdown\n\nThe mlxbf_gige driver intermittantly encounters a NULL pointer\nexception while the system is shutting down via \"reboot\" command.\nThe mlxbf_driver will experience an exception right after executing\nits shutdown() method.  One example of this exception is:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000070\nMem abort info:\n  ESR = 0x0000000096000004\n  EC = 0x25: DABT (current EL), IL = 32 bits\n  SET = 0, FnV = 0\n  EA = 0, S1PTW = 0\n  FSC = 0x04: level 0 translation fault\nData abort info:\n  ISV = 0, ISS = 0x00000004\n  CM = 0, WnR = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000011d373000\n[0000000000000070] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 96000004 [#1] SMP\nCPU: 0 PID: 13 Comm: ksoftirqd/0 Tainted: G S         OE     5.15.0-bf.6.gef6992a #1\nHardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.0.2.12669 Apr 21 2023\npstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : mlxbf_gige_handle_tx_complete+0xc8/0x170 [mlxbf_gige]\nlr : mlxbf_gige_poll+0x54/0x160 [mlxbf_gige]\nsp : ffff8000080d3c10\nx29: ffff8000080d3c10 x28: ffffcce72cbb7000 x27: ffff8000080d3d58\nx26: ffff0000814e7340 x25: ffff331cd1a05000 x24: ffffcce72c4ea008\nx23: ffff0000814e4b40 x22: ffff0000814e4d10 x21: ffff0000814e4128\nx20: 0000000000000000 x19: ffff0000814e4a80 x18: ffffffffffffffff\nx17: 000000000000001c x16: ffffcce72b4553f4 x15: ffff80008805b8a7\nx14: 0000000000000000 x13: 0000000000000030 x12: 0101010101010101\nx11: 7f7f7f7f7f7f7f7f x10: c2ac898b17576267 x9 : ffffcce720fa5404\nx8 : ffff000080812138 x7 : 0000000000002e9a x6 : 0000000000000080\nx5 : ffff00008de3b000 x4 : 0000000000000000 x3 : 0000000000000001\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\nCall trace:\n mlxbf_gige_handle_tx_complete+0xc8/0x170 [mlxbf_gige]\n mlxbf_gige_poll+0x54/0x160 [mlxbf_gige]\n __napi_poll+0x40/0x1c8\n net_rx_action+0x314/0x3a0\n __do_softirq+0x128/0x334\n run_ksoftirqd+0x54/0x6c\n smpboot_thread_fn+0x14c/0x190\n kthread+0x10c/0x110\n ret_from_fork+0x10/0x20\nCode: 8b070000 f9000ea0 f95056c0 f86178a1 (b9407002)\n---[ end trace 7cc3941aa0d8e6a4 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt\nKernel Offset: 0x4ce722520000 from 0xffff800008000000\nPHYS_OFFSET: 0x80000000\nCPU features: 0x000005c1,a3330e5a\nMemory Limit: none\n---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nDuring system shutdown, the mlxbf_gige driver's shutdown() is always executed.\nHowever, the driver's stop() method will only execute if networking interface\nconfiguration logic within the Linux distribution has been setup to do so.\n\nIf shutdown() executes but stop() does not execute, NAPI remains enabled\nand this can lead to an exception if NAPI is scheduled while the hardware\ninterface has only been partially deinitialized.\n\nThe networking interface managed by the mlxbf_gige driver must be properly\nstopped during system shutdown so that IFF_UP is cleared, the hardware\ninterface is put into a clean state, and NAPI is fully deinitialized.\n\ud83d\udccf Published: 2024-05-19T08:34:41.873Z\n\ud83d\udccf Modified: 2025-05-04T09:07:35.129Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/63a10b530e22cc923008b5925821c26872f37971\n2. https://git.kernel.org/stable/c/80247e0eca14ff177d565f58ecd3010f6b7910a4\n3. https://git.kernel.org/stable/c/36a1cb0371aa6f0698910ee70cb4ed3c349f4fa4\n4. https://git.kernel.org/stable/c/9783b3b0e71d704949214a8f76468f591a31f3f5\n5. https://git.kernel.org/stable/c/09ba28e1cd3cf715daab1fca6e1623e22fd754a6", "creation_timestamp": "2025-05-04T09:17:45.000000Z"}, {"uuid": "78dcb467-2d38-4a3f-9e52-926a11f77077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35880", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14741", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35880\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: hold io_buffer_list reference over mmap\n\nIf we look up the kbuf, ensure that it doesn't get unregistered until\nafter we're done with it. Since we're inside mmap, we cannot safely use\nthe io_uring lock. Rely on the fact that we can lookup the buffer list\nunder RCU now and grab a reference to it, preventing it from being\nunregistered until we're done with it. The lookup returns the\nio_buffer_list directly with it referenced.\n\ud83d\udccf Published: 2024-05-19T08:34:37.262Z\n\ud83d\udccf Modified: 2025-05-04T09:07:30.099Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/65938e81df2197203bda4b9a0c477e7987218d66\n2. https://git.kernel.org/stable/c/5fd8e2359498043e0b5329a05f02d10a9eb91eb9\n3. https://git.kernel.org/stable/c/561e4f9451d65fc2f7eef564e0064373e3019793", "creation_timestamp": "2025-05-04T09:17:47.000000Z"}, {"uuid": "86d90b27-f66d-46f6-9ba9-9fa18b76659c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35882", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14740", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35882\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix a slow server-side memory leak with RPC-over-TCP\n\nJan Schunk reports that his small NFS servers suffer from memory\nexhaustion after just a few days. A bisect shows that commit\ne18e157bb5c8 (\"SUNRPC: Send RPC message on TCP with a single\nsock_sendmsg() call\") is the first bad commit.\n\nThat commit assumed that sock_sendmsg() releases all the pages in\nthe underlying bio_vec array, but the reality is that it doesn't.\nsvc_xprt_release() releases the rqst's response pages, but the\nrecord marker page fragment isn't one of those, so it is never\nreleased.\n\nThis is a narrow fix that can be applied to stable kernels. A\nmore extensive fix is in the works.\n\ud83d\udccf Published: 2024-05-19T08:34:39.185Z\n\ud83d\udccf Modified: 2025-05-04T09:07:31.310Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/1ba1291172f935e6b6fe703161a948f3347400b8\n2. https://git.kernel.org/stable/c/a2ebedf7bcd17a1194a0a18122c885eb578ee882\n3. https://git.kernel.org/stable/c/05258a0a69b3c5d2c003f818702c0a52b6fea861", "creation_timestamp": "2025-05-04T09:17:47.000000Z"}, {"uuid": "77cf1fac-7eb9-4513-a1a0-456772e5c4e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35880", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11924", "content": "#exploit\n1. CVE-2025-27636, CVE-2025-29891:\nApache Camel RCE PoC/Detection\n\n2. CVE-2024-0760:\nDoS in ISC BIND DNS\n\n3. CVE-2025-24813:\nApache Tomcat RCE\n\n4. CVE-2015-0009:\nSMB Security Feature Bypass (SMB Signing)\n\n5. CVE-2024-0582, CVE-2024-35880:\nA Series of io_uring pbuf Vulnerabilities", "creation_timestamp": "2025-03-13T23:40:19.000000Z"}]}