{"vulnerability": "CVE-2024-50210", "sightings": [{"uuid": "73c5ecd5-2498-4f95-ba42-729eeba12dce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50210", "type": "seen", "source": "https://t.me/cvedetector/10166", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50210 - Linux Kernel posix-clock Unbalanced Locking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50210 \nPublished : Nov. 8, 2024, 6:15 a.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()  \n  \nIf get_clock_desc() succeeds, it calls fget() for the clockid's fd,  \nand get the clk->rwsem read lock, so the error path should release  \nthe lock to make the lock balance and fput the clockid's fd to make  \nthe refcount balance and release the fd related resource.  \n  \nHowever the below commit left the error path locked behind resulting in  \nunbalanced locking. Check timespec64_valid_strict() before  \nget_clock_desc() to fix it, because the \"ts\" is not changed  \nafter that.  \n  \n[pabeni@redhat.com: fixed commit message typo] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-08T07:59:37.000000Z"}]}