{"vulnerability": "cve-2022-4991", "sightings": [{"uuid": "260d1ddc-0cbd-4f40-946a-4ec544fe1d23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49918", "type": "seen", "source": "https://t.me/cvedetector/24248", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-49918 - Linux Kernel ipvs proc_entry Double Free\", \n  \"Content\": \"CVE ID : CVE-2022-49918 \nPublished : May 1, 2025, 3:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nipvs: fix WARNING in __ip_vs_cleanup_batch()  \n  \nDuring the initialization of ip_vs_conn_net_init(), if file ip_vs_conn  \nor ip_vs_conn_sync fails to be created, the initialization is successful  \nby default. Therefore, the ip_vs_conn or ip_vs_conn_sync file doesn't  \nbe found during the remove.  \n  \nThe following is the stack information:  \nname 'ip_vs_conn_sync'  \nWARNING: CPU: 3 PID: 9 at fs/proc/generic.c:712  \nremove_proc_entry+0x389/0x460  \nModules linked in:  \nWorkqueue: netns cleanup_net  \nRIP: 0010:remove_proc_entry+0x389/0x460  \nCall Trace:  \n  \n__ip_vs_cleanup_batch+0x7d/0x120  \nops_exit_list+0x125/0x170  \ncleanup_net+0x4ea/0xb00  \nprocess_one_work+0x9bf/0x1710  \nworker_thread+0x665/0x1080  \nkthread+0x2e4/0x3a0  \nret_from_fork+0x1f/0x30 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T19:01:41.000000Z"}, {"uuid": "1755ddf7-92ad-44e8-8699-5af580688594", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49912", "type": "seen", "source": "https://t.me/cvedetector/24250", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-49912 - Linux Btrfs Ulist Leak\", \n  \"Content\": \"CVE ID : CVE-2022-49912 \nPublished : May 1, 2025, 3:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbtrfs: fix ulist leaks in error paths of qgroup self tests  \n  \nIn the test_no_shared_qgroup() and test_multiple_refs() qgroup self tests,  \nif we fail to add the tree ref, remove the extent item or remove the  \nextent ref, we are returning from the test function without freeing the  \n\"old_roots\" ulist that was allocated by the previous calls to  \nbtrfs_find_all_roots(). Fix that by calling ulist_free() before returning. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T19:01:43.000000Z"}, {"uuid": "0b7bedb9-6a34-49a5-ac26-0982e47b1037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49911", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/24251", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-49911 - Linux kernel netfilter ipset Memory Allocation Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2022-49911 \nPublished : May 1, 2025, 3:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnetfilter: ipset: enforce documented limit to prevent allocating huge memory  \n  \nDaniel Xu reported that the hash:net,iface type of the ipset subsystem does  \nnot limit adding the same network with different interfaces to a set, which  \ncan lead to huge memory usage or allocation failure.  \n  \nThe quick reproducer is  \n  \n$ ipset create ACL.IN.ALL_PERMIT hash:net,iface hashsize 1048576 timeout 0  \n$ for i in $(seq 0 100); do /sbin/ipset add ACL.IN.ALL_PERMIT 0.0.0.0/0,kaf_$i timeout 0 -exist; done  \n  \nThe backtrace when vmalloc fails:  \n  \n        [Tue Oct 25 00:13:08 2022] ipset: vmalloc error: size 1073741848, exceeds total pages <...[Tue Oct 25 00:13:08 2022] Call Trace:  \n        [Tue Oct 25 00:13:08 2022]    \n        [Tue Oct 25 00:13:08 2022]  dump_stack_lvl+0x48/0x60  \n        [Tue Oct 25 00:13:08 2022]  warn_alloc+0x155/0x180  \n        [Tue Oct 25 00:13:08 2022]  __vmalloc_node_range+0x72a/0x760  \n        [Tue Oct 25 00:13:08 2022]  ? hash_netiface4_add+0x7c0/0xb20  \n        [Tue Oct 25 00:13:08 2022]  ? __kmalloc_large_node+0x4a/0x90  \n        [Tue Oct 25 00:13:08 2022]  kvmalloc_node+0xa6/0xd0  \n        [Tue Oct 25 00:13:08 2022]  ? hash_netiface4_resize+0x99/0x710 <...The fix is to enforce the limit documented in the ipset(8) manpage:  \n  \n>  The internal restriction of the hash:net,iface set type is that the same  \n>  network prefix cannot be stored with more than 64 different interfaces  \n>  in a single set. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T19:01:43.000000Z"}, {"uuid": "ae47833b-090e-42a9-8a57-be65fdb117a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-49919", "type": "seen", "source": "https://t.me/cvedetector/24244", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-49919 - Netfilter NF Tables Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-49919 \nPublished : May 1, 2025, 3:16 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnetfilter: nf_tables: release flow rule object from commit path  \n  \nNo need to postpone this to the commit release path, since no packets  \nare walking over this object, this is accessed from control plane only.  \nThis helped uncovered UAF triggered by races with the netlink notifier. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T19:01:35.000000Z"}, {"uuid": "fdd05416-b427-4b16-951f-d92839cfbbb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-49910", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}]}