{"vulnerability": "CVE-2024-56549", "sightings": [{"uuid": "1b31d332-99b7-4172-bb1f-ddfa1640351e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56549", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lec6nljrqw22", "content": "", "creation_timestamp": "2024-12-27T14:19:38.140554Z"}, {"uuid": "260e5ae3-cb2a-4249-b02c-d440c1c36318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56549", "type": "seen", "source": "https://t.me/cvedetector/13746", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56549 - Linux Kernel cachefiles NULL Pointer Dereference\", \n  \"Content\": \"CVE ID : CVE-2024-56549 \nPublished : Dec. 27, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ncachefiles: Fix NULL pointer dereference in object->file  \n  \nAt present, the object->file has the NULL pointer dereference problem in  \nondemand-mode. The root cause is that the allocated fd and object->file  \nlifetime are inconsistent, and the user-space invocation to anon_fd uses  \nobject->file. Following is the process that triggers the issue:  \n  \n   [write fd]    [umount]  \ncachefiles_ondemand_fd_write_iter  \n           fscache_cookie_state_machine  \n      cachefiles_withdraw_cookie  \n  if (!file) return -ENOBUFS  \n        cachefiles_clean_up_object  \n          cachefiles_unmark_inode_in_use  \n          fput(object->file)  \n          object->file = NULL  \n  // file NULL pointer dereference!  \n  __cachefiles_write(..., file, ...)  \n  \nFix this issue by add an additional reference count to the object->file  \nbefore write/llseek, and decrement after it finished. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T15:59:50.000000Z"}]}