{"vulnerability": "CVE-2024-50059", "sightings": [{"uuid": "ed164160-e9f1-49b7-9cab-4fc05b744f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50059", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "cd0111d6-7d7a-4614-9e98-f23fecedf429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50059", "type": "seen", "source": "https://t.me/cvedetector/8548", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50059 - Linux Kernel ntb: Switchtec NTB Use After Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50059 \nPublished : Oct. 21, 2024, 8:15 p.m. | 16\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition  \n  \nIn the switchtec_ntb_add function, it can call switchtec_ntb_init_sndev  \nfunction, then &sndev->check_link_status_work is bound with  \ncheck_link_status_work. switchtec_ntb_link_notification may be called  \nto start the work.  \n  \nIf we remove the module which will call switchtec_ntb_remove to make  \ncleanup, it will free sndev through kfree(sndev), while the work  \nmentioned above will be used. The sequence of operations that may lead  \nto a UAF bug is as follows:  \n  \nCPU0                                 CPU1  \n  \n                        | check_link_status_work  \nswitchtec_ntb_remove    |  \nkfree(sndev);           |  \n                        | if (sndev->link_force_down)  \n                        | // use sndev  \n  \nFix it by ensuring that the work is canceled before proceeding with  \nthe cleanup in switchtec_ntb_remove. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T22:42:56.000000Z"}]}