{"vulnerability": "CVE-2024-53151", "sightings": [{"uuid": "cc930ae7-b0ab-468a-a802-48e6d24c1747", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53151", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113707645594792662", "content": "", "creation_timestamp": "2024-12-24T11:49:39.925571Z"}, {"uuid": "e2b383af-9012-4dce-891e-2e8d624336e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53151", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3le2gdglf6i25", "content": "", "creation_timestamp": "2024-12-24T12:15:49.561786Z"}, {"uuid": "624b78db-6a16-4e16-b741-970538491aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53151", "type": "seen", "source": "https://t.me/cvedetector/13600", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53151 - Here is the title: \"Oracle Solaris Sun RPC SVCRDMA Integer Overflow Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-53151 \nPublished : Dec. 24, 2024, 12:15 p.m. | 45\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nsvcrdma: Address an integer overflow  \n  \nDan Carpenter reports:  \n> Commit 78147ca8b4a9 (\"svcrdma: Add a \"parsed chunk list\" data  \n> structure\") from Jun 22, 2020 (linux-next), leads to the following  \n> Smatch static checker warning:  \n>  \n> net/sunrpc/xprtrdma/svc_rdma_recvfrom.c:498 xdr_check_write_chunk()  \n> warn: potential user controlled sizeof overflow 'segcount * 4 * 4'  \n>  \n> net/sunrpc/xprtrdma/svc_rdma_recvfrom.c  \n>     488 static bool xdr_check_write_chunk(struct svc_rdma_recv_ctxt *rctxt)  \n>     489 {  \n>     490         u32 segcount;  \n>     491         __be32 *p;  \n>     492  \n>     493         if (xdr_stream_decode_u32(&rctxt->rc_stream, &segcount))  \n>                                                               ^^^^^^^^  \n>  \n>     494                 return false;  \n>     495  \n>     496         /* A bogus segcount causes this buffer overflow check to fail. */  \n>     497         p = xdr_inline_decode(&rctxt->rc_stream,  \n> --> 498                               segcount * rpcrdma_segment_maxsz * sizeof(*p));  \n>  \n>  \n> segcount is an untrusted u32.  On 32bit systems anything >= SIZE_MAX / 16 will  \n> have an integer overflow and some those values will be accepted by  \n> xdr_inline_decode(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-24T14:24:32.000000Z"}]}