{"uuid": "c74573d6-074f-4368-9ab3-ade7b79268ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50094", "type": "seen", "source": "https://t.me/cvedetector/9906", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50094 - \"Philips SFC Linux Net Driver Unconditional XDP Flush Buffer Over-Write\"\", \n  \"Content\": \"CVE ID : CVE-2024-50094 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nsfc: Don't invoke xdp_do_flush() from netpoll.  \n  \nYury reported a crash in the sfc driver originated from  \nnetpoll_send_udp(). The netconsole sends a message and then netpoll  \ninvokes the driver's NAPI function with a budget of zero. It is  \ndedicated to allow driver to free TX resources, that it may have used  \nwhile sending the packet.  \n  \nIn the netpoll case the driver invokes xdp_do_flush() unconditionally,  \nleading to crash because bpf_net_context was never assigned.  \n  \nInvoke xdp_do_flush() only if budget is not zero. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:53:54.000000Z"}