{"vulnerability": "CVE-2024-5015", "sightings": [{"uuid": "ff066205-7b8e-4439-b580-1ec258eb4fd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50150", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441114370633567", "content": "", "creation_timestamp": "2024-11-07T10:07:15.866798Z"}, {"uuid": "1c541fcf-2db2-4368-a8d7-453a7ba81b16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50151", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441173371221215", "content": "", "creation_timestamp": "2024-11-07T10:22:15.981563Z"}, {"uuid": "7714f897-6fa7-4e59-aaca-22a41e9a437e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50152", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441173386671955", "content": "", "creation_timestamp": "2024-11-07T10:22:16.236536Z"}, {"uuid": "fd7118e6-576a-45b9-8ceb-e204803bfb1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50153", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441173400665037", "content": "", "creation_timestamp": "2024-11-07T10:22:16.434299Z"}, {"uuid": "78012276-0185-49c8-aeb3-d1d3008a6081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50154", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441173414751479", "content": "", "creation_timestamp": "2024-11-07T10:22:16.682640Z"}, {"uuid": "04d2902d-7803-4905-841d-37a98c861885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50155", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441232416925005", "content": "", "creation_timestamp": "2024-11-07T10:37:17.011905Z"}, {"uuid": "26cc8bfa-b929-418c-ba34-348185262fc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50156", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441232433416909", "content": "", "creation_timestamp": "2024-11-07T10:37:17.231362Z"}, {"uuid": "30ec3ec5-e1ce-44da-9b97-951d06681756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50157", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441232448624767", "content": "", "creation_timestamp": "2024-11-07T10:37:17.471205Z"}, {"uuid": "7708ee98-64f6-4598-9a17-35d0283b670c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50158", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441232463736752", "content": "", "creation_timestamp": "2024-11-07T10:37:17.765288Z"}, {"uuid": "f486421f-6222-43f5-b3f0-579fc77e348f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50159", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113441291467025906", "content": "", "creation_timestamp": "2024-11-07T10:52:17.980599Z"}, {"uuid": "fd553e88-60be-47dc-8184-aa1e8e0071a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50156", "type": "seen", "source": "https://t.me/cvedetector/10079", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50156 - Android MSM DRM Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50156 \nPublished : Nov. 7, 2024, 10:15 a.m. | 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ndrm/msm: Avoid NULL dereference in msm_disp_state_print_regs()  \n  \nIf the allocation in msm_disp_state_dump_regs() failed then  \n`block->state` can be NULL. The msm_disp_state_print_regs() function  \n_does_ have code to try to handle it with:  \n  \n  if (*reg)  \n    dump_addr = *reg;  \n  \n...but since \"dump_addr\" is initialized to NULL the above is actually  \na noop. The code then goes on to dereference `dump_addr`.  \n  \nMake the function print \"Registers not stored\" when it sees a NULL to  \nsolve this. Since we're touching the code, fix  \nmsm_disp_state_print_regs() not to pointlessly take a double-pointer  \nand properly mark the pointer as `const`.  \n  \nPatchwork:  \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:54:38.000000Z"}, {"uuid": "e7262eec-cb04-49e9-a808-4128b54d7761", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50158", "type": "seen", "source": "https://t.me/cvedetector/10067", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50158 - \"Intel RDMA Network Interface bnxt_re Out-of-Bounds Write Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-50158 \nPublished : Nov. 7, 2024, 10:15 a.m. | 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nRDMA/bnxt_re: Fix out of bound check  \n  \nDriver exports pacing stats only on GenP5 and P7 adapters. But while  \nparsing the pacing stats, driver has a check for \"rdev->dbr_pacing\".  This  \ncaused a trace when KASAN is enabled.  \n  \nBUG: KASAN: slab-out-of-bounds in bnxt_re_get_hw_stats+0x2b6a/0x2e00 [bnxt_re]  \nWrite of size 8 at addr ffff8885942a6340 by task modprobe/4809 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:54:23.000000Z"}, {"uuid": "f69a64ce-8a6c-4ef3-a4fe-3ebe4104d5e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50157", "type": "seen", "source": "https://t.me/cvedetector/10078", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50157 - \"IBM Networking: CPU Lockup Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-50157 \nPublished : Nov. 7, 2024, 10:15 a.m. | 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nRDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop  \n  \nDriver waits indefinitely for the fifo occupancy to go below a threshold  \nas soon as the pacing interrupt is received. This can cause soft lockup on  \none of the processors, if the rate of DB is very high.  \n  \nAdd a loop count for FPGA and exit the __wait_for_fifo_occupancy_below_th  \nif the loop is taking more time. Pacing will be continuing until the  \noccupancy is below the threshold. This is ensured by the checks in  \nbnxt_re_pacing_timer_exp and further scheduling the work for pacing based  \non the fifo occupancy. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:54:38.000000Z"}, {"uuid": "e3497c7e-d15a-44c4-bb32-3bd5a9720de6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50155", "type": "seen", "source": "https://t.me/cvedetector/10073", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50155 - Apache Netdevsim Kernel Use After Free\", \n  \"Content\": \"CVE ID : CVE-2024-50155 \nPublished : Nov. 7, 2024, 10:15 a.m. | 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnetdevsim: use cond_resched() in nsim_dev_trap_report_work()  \n  \nI am still seeing many syzbot reports hinting that syzbot  \nmight fool nsim_dev_trap_report_work() with hundreds of ports [1]  \n  \nLets use cond_resched(), and system_unbound_wq  \ninstead of implicit system_wq.  \n  \n[1]  \nINFO: task syz-executor:20633 blocked for more than 143 seconds.  \n      Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0  \n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.  \ntask:syz-executor    state:D stack:25856 pid:20633 tgid:20633 ppid:1      flags:0x00004006  \n...  \nNMI backtrace for cpu 1  \nCPU: 1 UID: 0 PID: 16760 Comm: kworker/1:0 Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024  \nWorkqueue: events nsim_dev_trap_report_work  \n RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:210  \nCode: 89 fb e8 23 00 00 00 48 8b 3d 04 fb 9c 0c 48 89 de 5b e9 c3 c7 5d 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90  0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d7 03 00 65 8b 15 60 f0  \nRSP: 0018:ffffc90000a187e8 EFLAGS: 00000246  \nRAX: 0000000000000100 RBX: ffffc90000a188e0 RCX: ffff888027d3bc00  \nRDX: ffff888027d3bc00 RSI: 0000000000000000 RDI: 0000000000000000  \nRBP: ffff88804a2e6000 R08: ffffffff8a4bc495 R09: ffffffff89da3577  \nR10: 0000000000000004 R11: ffffffff8a4bc2b0 R12: dffffc0000000000  \nR13: ffff88806573b503 R14: dffffc0000000000 R15: ffff8880663cca00  \nFS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000  \nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \nCR2: 00007fc90a747f98 CR3: 000000000e734000 CR4: 00000000003526f0  \nDR0: 0000000000000000 DR1: 000000000000002b DR2: 0000000000000000  \nDR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400  \nCall Trace:  \n   \n   \n   \n  __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382  \n  spin_unlock_bh include/linux/spinlock.h:396 [inline]  \n  nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline]  \n  nsim_dev_trap_report_work+0x75d/0xaa0 drivers/net/netdevsim/dev.c:850  \n  process_one_work kernel/workqueue.c:3229 [inline]  \n  process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310  \n  worker_thread+0x870/0xd30 kernel/workqueue.c:3391  \n  kthread+0x2f0/0x390 kernel/kthread.c:389  \n  ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147  \n  ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:54:31.000000Z"}, {"uuid": "a70b3433-1ccf-48ea-b2da-c571bee6d3da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50159", "type": "seen", "source": "https://t.me/cvedetector/10068", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50159 - \"ARM SCM Double Free Firmware Vuln\"\", \n  \"Content\": \"CVE ID : CVE-2024-50159 \nPublished : Nov. 7, 2024, 10:15 a.m. | 34\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nfirmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()  \n  \nClang static checker(scan-build) throws below warning\uff1a  \n  |  drivers/firmware/arm_scmi/driver.c:line 2915, column 2  \n  |        Attempt to free released memory.  \n  \nWhen devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup()  \nwill run twice which causes double free of 'dbg->name'.  \n  \nRemove the redundant scmi_debugfs_common_cleanup() to fix this problem. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:54:24.000000Z"}]}