{"uuid": "fb86c93b-b864-4ae0-9a13-c579339f53c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50132", "type": "seen", "source": "https://t.me/cvedetector/9926", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50132 - Linux Kernel Tracing Probe Array Overflow Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50132 \nPublished : Nov. 5, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ntracing/probes: Fix MAX_TRACE_ARGS limit handling  \n  \nWhen creating a trace_probe we would set nr_args prior to truncating the  \narguments to MAX_TRACE_ARGS. However, we would only initialize arguments  \nup to the limit.  \n  \nThis caused invalid memory access when attempting to set up probes with  \nmore than 128 fetchargs.  \n  \n  BUG: kernel NULL pointer dereference, address: 0000000000000020  \n  #PF: supervisor read access in kernel mode  \n  #PF: error_code(0x0000) - not-present page  \n  PGD 0 P4D 0  \n  Oops: Oops: 0000 [#1] PREEMPT SMP PTI  \n  CPU: 0 UID: 0 PID: 1769 Comm: cat Not tainted 6.11.0-rc7+ #8  \n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014  \n  RIP: 0010:__set_print_fmt+0x134/0x330  \n  \nResolve the issue by applying the MAX_TRACE_ARGS limit earlier. Return  \nan error when there are too many arguments instead of silently  \ntruncating. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T19:44:29.000000Z"}