{"uuid": "26292aaa-4d7c-4085-9bc9-8b6d9b3095a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57912", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2340", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57912\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: pressure: zpa2326: fix information leak in triggered buffer\n\nThe 'sample' local struct is used to push data to user space from a\ntriggered buffer, but it has a hole between the temperature and the\ntimestamp (u32 pressure, u16 temperature, GAP, u64 timestamp).\nThis hole is never initialized.\n\nInitialize the struct to zero before using it to avoid pushing\nuninitialized information to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:34.490Z\n\ud83d\udccf Modified: 2025-01-19T11:52:34.490Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b7849f62e61242e0e02c776e1109eb81e59c567c\n2. https://git.kernel.org/stable/c/fefb88a4da961a0b9c2473cbdcfce1a942fcfa9a\n3. https://git.kernel.org/stable/c/979a0db76ceda8fe1f2f85a116bfe97620ebbadf\n4. https://git.kernel.org/stable/c/6007d10c5262f6f71479627c1216899ea7f09073", "creation_timestamp": "2025-01-19T11:58:35.000000Z"}