{"vulnerability": "CVE-2024-4106", "sightings": [{"uuid": "8f845a73-5b11-4fad-8511-24143be31e26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41062", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "72eea91e-bd65-4d15-b9c0-69a43e7f1afa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41065", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "cded7e75-1ff1-4326-8b91-c52cb9d69a65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41063", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "3f6833b3-1345-451a-b933-6d47289c7dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41064", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "8b0414cb-d947-4c32-aa4c-742d4c9d589e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41068", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "828833f6-57ed-4378-804f-34542d155daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41067", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "981c13dd-e000-4b30-8cd4-798d7f4a091b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-41069", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "92192cff-a73b-487d-a848-a0fb65074007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-41069", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "ee7f25ce-5c36-49c7-b350-b4937d3f2565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-41060", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "532c6f37-03bd-4306-9352-488d91b26fee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-41067", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "9c4cadae-2f2b-4ff0-8bbf-a114ae23af23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41064", "type": "seen", "source": "https://t.me/cvedetector/1868", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41064 - IBM PowerPC Linux Kernel Double Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41064 \nPublished : July 29, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \npowerpc/eeh: avoid possible crash when edev->pdev changes  \n  \nIf a PCI device is removed during eeh_pe_report_edev(), edev->pdev  \nwill change and can cause a crash, hold the PCI rescan/remove lock  \nwhile taking a copy of edev->pdev->bus. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T17:58:13.000000Z"}, {"uuid": "21a9497c-1cd6-4f6e-8da6-e69c80ea48bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-41062", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "e93fbef9-e2e7-48e2-b5c2-6abf06930b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-41066", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "e1c1f79a-5c24-4bb8-994d-39a52d6f1ff3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41061", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1948", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41061\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport\n\n[Why]\nPotential out of bounds access in dml2_calculate_rq_and_dlg_params()\nbecause the value of out_lowest_state_idx used as an index for FCLKChangeSupport\narray can be greater than 1.\n\n[How]\nCurrently dml2 core specifies identical values for all FCLKChangeSupport\nelements. Always use index 0 in the condition to avoid out of bounds access.\n\ud83d\udccf Published: 2024-07-29T14:57:23.459Z\n\ud83d\udccf Modified: 2025-01-16T11:53:10.531Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/94166fe12543fbef122ca2d093e794ea41073a85\n2. https://git.kernel.org/stable/c/0ad4b4a2f6357c45fbe444ead1a929a0b4017d03", "creation_timestamp": "2025-01-16T12:55:42.000000Z"}, {"uuid": "f6598d6c-694e-4491-9ca5-4d070d6c7426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41069", "type": "seen", "source": "https://t.me/cvedetector/1871", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41069 - Linux kernel ASoC Memory Reference Leak Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41069 \nPublished : July 29, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nASoC: topology: Fix references to freed memory  \n  \nMost users after parsing a topology file, release memory used by it, so  \nhaving pointer references directly into topology file contents is wrong.  \nUse devm_kmemdup(), to allocate memory as needed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T17:58:16.000000Z"}, {"uuid": "64ca9166-b301-4539-8a7c-2ba7d4cc365a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41062", "type": "seen", "source": "https://t.me/cvedetector/1866", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41062 - \"Bluetooth Linux kernel L2CAP Sock Access Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-41062 \nPublished : July 29, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbluetooth/l2cap: sync sock recv cb and release  \n  \nThe problem occurs between the system call to close the sock and hci_rx_work,  \nwhere the former releases the sock and the latter accesses it without lock protection.  \n  \n           CPU0                       CPU1  \n           ----                       ----  \n           sock_close                 hci_rx_work  \n    l2cap_sock_release         hci_acldata_packet  \n    l2cap_sock_kill            l2cap_recv_frame  \n    sk_free                    l2cap_conless_channel  \n                               l2cap_sock_recv_cb  \n  \nIf hci_rx_work processes the data that needs to be received before the sock is  \nclosed, then everything is normal; Otherwise, the work thread may access the  \nreleased sock when receiving data.  \n  \nAdd a chan mutex in the rx callback of the sock to achieve synchronization between  \nthe sock release and recv cb.  \n  \nSock is dead, so set chan data to NULL, avoid others use invalid sock pointer. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T17:58:11.000000Z"}, {"uuid": "5a0c32c4-e807-4ef6-9f11-29e7a616fec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41066", "type": "seen", "source": "https://t.me/cvedetector/1865", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41066 - \"IBMvnic skb Leak Prevention\"\", \n  \"Content\": \"CVE ID : CVE-2024-41066 \nPublished : July 29, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nibmvnic: Add tx check to prevent skb leak  \n  \nBelow is a summary of how the driver stores a reference to an skb during  \ntransmit:  \n    tx_buff[free_map[consumer_index]]->skb = new_skb;  \n    free_map[consumer_index] = IBMVNIC_INVALID_MAP;  \n    consumer_index ++;  \nWhere variable data looks like this:  \n    free_map == [4, IBMVNIC_INVALID_MAP, IBMVNIC_INVALID_MAP, 0, 3]  \n                                                consumer_index^  \n    tx_buff == [skb=null, skb=, skb=, skb=null, skb=null]  \n  \nThe driver has checks to ensure that free_map[consumer_index] pointed to  \na valid index but there was no check to ensure that this index pointed  \nto an unused/null skb address. So, if, by some chance, our free_map and  \ntx_buff lists become out of sync then we were previously risking an  \nskb memory leak. This could then cause tcp congestion control to stop  \nsending packets, eventually leading to ETIMEDOUT.  \n  \nTherefore, add a conditional to ensure that the skb address is null. If  \nnot then warn the user (because this is still a bug that should be  \npatched) and free the old pointer to prevent memleak/tcp problems. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T17:58:10.000000Z"}]}