{"vulnerability": "CVE-2024-4772", "sightings": [{"uuid": "3c9f5a05-e2e0-47a9-82e0-b3b955e554c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47723", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "e83bbee7-2fbc-4390-8d9a-adf4c9953e86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-47727", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0290/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "a439e9fb-a221-4447-b19f-86a014a7121a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47726", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "edd4ac6a-8fd0-4698-bb30-fe7372359fa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47728", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "2aae334c-4ab8-49ec-b530-8733fa80be35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47726", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4896", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47726\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to wait dio completion\n\nIt should wait all existing dio write IOs before block removal,\notherwise, previous direct write IO may overwrite data in the\nblock which may be reused by other inode.\n\ud83d\udccf Published: 2024-10-21T12:13:59.615Z\n\ud83d\udccf Modified: 2025-02-21T13:45:09.147Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/f81302decd64245bb1bd154ecae0f65a9ee21f04\n2. https://git.kernel.org/stable/c/c2a7fc514637f640ff55c3f3e3ed879970814a3f\n3. https://git.kernel.org/stable/c/e3db757ff9b7101ae68650ac5f6dd5743b68164e\n4. https://git.kernel.org/stable/c/96cfeb0389530ae32ade8a48ae3ae1ac3b6c009d", "creation_timestamp": "2025-02-21T14:18:34.000000Z"}, {"uuid": "940ac310-0517-4d67-acde-5b4725a40f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-47728", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "12a4a29a-9094-408f-b3b5-e7c02b6d5b27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47721", "type": "seen", "source": "https://t.me/cvedetector/8459", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47721 - Realtek Wi-Fi Out-of-bounds Read Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47721 \nPublished : Oct. 21, 2024, 12:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nwifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading \n \nThe handler of firmware C2H event RTW89_MAC_C2H_FUNC_READ_WOW_CAM isn't \nimplemented, but driver expects number of handlers is \nNUM_OF_RTW89_MAC_C2H_FUNC_WOW causing out-of-bounds access. Fix it by \nremoving ID. \n \nAddresses-Coverity-ID: 1598775 (\"Out-of-bounds read\") \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T15:09:42.000000Z"}, {"uuid": "ff71bd3d-c47c-43e0-be7a-cc5aaa2ca4d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47720", "type": "seen", "source": "https://t.me/cvedetector/8457", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47720 - AMD display driver null pointer dereference vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47720 \nPublished : Oct. 21, 2024, 12:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func \n \nThis commit adds a null check for the set_output_gamma function pointer \nin the dcn30_set_output_transfer_func function. Previously, \nset_output_gamma was being checked for nullity at line 386, but then it \nwas being dereferenced without any nullity check at line 401. This \ncould potentially lead to a null pointer dereference error if \nset_output_gamma is indeed null. \n \nTo fix this, we now ensure that set_output_gamma is not null before \ndereferencing it. We do this by adding a nullity check for \nset_output_gamma before the call to set_output_gamma at line 401. If \nset_output_gamma is null, we log an error message and do not call the \nfunction. \n \nThis fix prevents a potential null pointer dereference error. \n \ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:401 dcn30_set_output_transfer_func() \nerror: we previously assumed 'mpc->funcs->set_output_gamma' could be null (see line 386) \n \ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c \n 373 bool dcn30_set_output_transfer_func(struct dc *dc, \n 374 struct pipe_ctx *pipe_ctx, \n 375 const struct dc_stream_state *stream) \n 376 { \n 377 int mpcc_id = pipe_ctx->plane_res.hubp->inst; \n 378 struct mpc *mpc = pipe_ctx->stream_res.opp->ctx->dc->res_pool->mpc; \n 379 const struct pwl_params *params = NULL; \n 380 bool ret = false; \n 381 \n 382 /* program OGAM or 3DLUT only for the top pipe*/ \n 383 if (pipe_ctx->top_pipe == NULL) { \n 384 /*program rmu shaper and 3dlut in MPC*/ \n 385 ret = dcn30_set_mpc_shaper_3dlut(pipe_ctx, stream); \n 386 if (ret == false && mpc->funcs->set_output_gamma) { \n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If this is NULL \n \n 387 if (stream->out_transfer_func.type == TF_TYPE_HWPWL) \n 388 params = &stream->out_transfer_func.pwl; \n 389 else if (pipe_ctx->stream->out_transfer_func.type == \n 390 TF_TYPE_DISTRIBUTED_POINTS && \n 391 cm3_helper_translate_curve_to_hw_format( \n 392 &stream->out_transfer_func, \n 393 &mpc->blender_params, false)) \n 394 params = &mpc->blender_params; \n 395 /* there are no ROM LUTs in OUTGAM */ \n 396 if (stream->out_transfer_func.type == TF_TYPE_PREDEFINED) \n 397 BREAK_TO_DEBUGGER(); \n 398 } \n 399 } \n 400 \n--> 401 mpc->funcs->set_output_gamma(mpc, mpcc_id, params); \n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Then it will crash \n \n 402 return ret; \n 403 } \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T15:09:38.000000Z"}, {"uuid": "085b4d07-a21f-421d-8998-0e418fc8adc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47726", "type": "seen", "source": "Telegram/hjMsE_X6QMSv9aBxyWUUaCWvpnvLdpWDXOnR9z_UmGt2ia9l", "content": "", "creation_timestamp": "2025-02-21T22:10:23.000000Z"}]}