https://db.gcve.eu/sightings/feed 2026-06-05T00:08:03.771596+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/9d218992-be86-4396-b11f-645885861715/export 2026-06-05T00:08:04.045426+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "9d218992-be86-4396-b11f-645885861715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46782", "type": "seen", "source": "https://t.me/cvedetector/5943", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-46782 - Here is the title: \"IPv6 ILA Rhashtable Use-After-Free Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-46782 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nila: call nf_unregister_net_hooks() sooner \n \nsyzbot found an use-after-free Read in ila_nf_input [1] \n \nIssue here is that ila_xlat_exit_net() frees the rhashtable, \nthen call nf_unregister_net_hooks(). \n \nIt should be done in the reverse way, with a synchronize_rcu(). \n \nThis is a good match for a pre_exit() method. \n \n[1] \n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline] \n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline] \n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline] \n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672 \nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16 \n \nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0 \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 \nCall Trace: \n \n __dump_stack lib/dump_stack.c:93 [inline] \n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 \n print_address_description mm/kasan/report.c:377 [inline] \n print_report+0x169/0x550 mm/kasan/report.c:488 \n kasan_report+0x143/0x180 mm/kasan/report.c:601 \n rht_key_hashfn include/linux/rhashtable.h:159 [inline] \n __rhashtable_lookup include/linux/rhashtable.h:604 [inline] \n rhashtable_lookup include/linux/rhashtable.h:646 [inline] \n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672 \n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline] \n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline] \n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190 \n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] \n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626 \n nf_hook include/linux/netfilter.h:269 [inline] \n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312 \n __netif_receive_skb_one_core net/core/dev.c:5661 [inline] \n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775 \n process_backlog+0x662/0x15b0 net/core/dev.c:6108 \n __napi_poll+0xcb/0x490 net/core/dev.c:6772 \n napi_poll net/core/dev.c:6841 [inline] \n net_rx_action+0x89b/0x1240 net/core/dev.c:6963 \n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554 \n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928 \n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164 \n kthread+0x2f0/0x390 kernel/kthread.c:389 \n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 \n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 \n \n \nThe buggy address belongs to the physical page: \npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620 \nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) \npage_type: 0xbfffffff(buddy) \nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000 \nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000 \npage dumped because: kasan: bad access detected \npage_owner tracks the page as freed \npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187 \n set_page_owner include/linux/page_owner.h:32 [inline] \n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493 \n prep_new_page mm/page_alloc.c:1501 [inline] \n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439 \n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695 \n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline] \n alloc_pages_node_noprof include/linux/gfp.h:296 [inline] \n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103 \n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130 \n __do_kmalloc_node m[...]", "creation_timestamp": "2024-09-18T10:52:47.000000Z"} 2024-09-18T10:52:47+00:00 https://db.gcve.eu/sighting/4ec01b9f-f7f2-4427-8130-e577133170ec/export 2026-06-05T00:08:04.045366+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "4ec01b9f-f7f2-4427-8130-e577133170ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46783", "type": "seen", "source": "https://t.me/cvedetector/5945", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-46783 - Linux tcp_bpf Send Message Buffer Overflow ( SEGFAULT )\", \n \"Content\": \"CVE ID : CVE-2024-46783 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntcp_bpf: fix return value of tcp_bpf_sendmsg() \n \nWhen we cork messages in psock->cork, the last message triggers the \nflushing will result in sending a sk_msg larger than the current \nmessage size. In this case, in tcp_bpf_send_verdict(), 'copied' becomes \nnegative at least in the following case: \n \n468 case __SK_DROP: \n469 default: \n470 sk_msg_free_partial(sk, msg, tosend); \n471 sk_msg_apply_bytes(psock, tosend); \n472 *copied -= (tosend + delta); // <====\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"18 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T10:53:23.000000Z"} 2024-09-18T10:53:23+00:00 https://db.gcve.eu/sighting/44668d9f-c805-4f3f-aab4-fb1a5e209293/export 2026-06-05T00:08:04.045303+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "44668d9f-c805-4f3f-aab4-fb1a5e209293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46784", "type": "seen", "source": "https://t.me/cvedetector/5946", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-46784 - Intel Mana NAPI Race Condition Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-46784 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup \n \nCurrently napi_disable() gets called during rxq and txq cleanup, \neven before napi is enabled and hrtimer is initialized. It causes \nkernel panic. \n \n? page_fault_oops+0x136/0x2b0 \n ? page_counter_cancel+0x2e/0x80 \n ? do_user_addr_fault+0x2f2/0x640 \n ? refill_obj_stock+0xc4/0x110 \n ? exc_page_fault+0x71/0x160 \n ? asm_exc_page_fault+0x27/0x30 \n ? __mmdrop+0x10/0x180 \n ? __mmdrop+0xec/0x180 \n ? hrtimer_active+0xd/0x50 \n hrtimer_try_to_cancel+0x2c/0xf0 \n hrtimer_cancel+0x15/0x30 \n napi_disable+0x65/0x90 \n mana_destroy_rxq+0x4c/0x2f0 \n mana_create_rxq.isra.0+0x56c/0x6d0 \n ? mana_uncfg_vport+0x50/0x50 \n mana_alloc_queues+0x21b/0x320 \n ? skb_dequeue+0x5f/0x80 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"18 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T10:53:24.000000Z"} 2024-09-18T10:53:24+00:00 https://db.gcve.eu/sighting/27d2509a-1752-4495-be4d-288178750957/export 2026-06-05T00:08:04.045230+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "27d2509a-1752-4495-be4d-288178750957", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46785", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/5947", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-46785 - Linux Eventfs Null Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-46785 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \neventfs: Use list_del_rcu() for SRCU protected list variable \n \nChi Zhiling reported: \n \n We found a null pointer accessing in tracefs[1], the reason is that the \n variable 'ei_child' is set to LIST_POISON1, that means the list was \n removed in eventfs_remove_rec. so when access the ei_child->is_freed, the \n panic triggered. \n \n by the way, the following script can reproduce this panic \n \n loop1 (){ \n while true \n do \n echo \"p:kp submit_bio\" > /sys/kernel/debug/tracing/kprobe_events \n echo \"\" > /sys/kernel/debug/tracing/kprobe_events \n done \n } \n loop2 (){ \n while true \n do \n tree /sys/kernel/debug/tracing/events/kprobes/ \n done \n } \n loop1 & \n loop2 \n \n [1]: \n [ 1147.959632][T17331] Unable to handle kernel paging request at virtual address dead000000000150 \n [ 1147.968239][T17331] Mem abort info: \n [ 1147.971739][T17331] ESR = 0x0000000096000004 \n [ 1147.976172][T17331] EC = 0x25: DABT (current EL), IL = 32 bits \n [ 1147.982171][T17331] SET = 0, FnV = 0 \n [ 1147.985906][T17331] EA = 0, S1PTW = 0 \n [ 1147.989734][T17331] FSC = 0x04: level 0 translation fault \n [ 1147.995292][T17331] Data abort info: \n [ 1147.998858][T17331] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 \n [ 1148.005023][T17331] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 \n [ 1148.010759][T17331] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 \n [ 1148.016752][T17331] [dead000000000150] address between user and kernel address ranges \n [ 1148.024571][T17331] Internal error: Oops: 0000000096000004 [#1] SMP \n [ 1148.030825][T17331] Modules linked in: team_mode_loadbalance team nlmon act_gact cls_flower sch_ingress bonding tls macvlan dummy ib_core bridge stp llc veth amdgpu amdxcp mfd_core gpu_sched drm_exec drm_buddy radeon crct10dif_ce video drm_suballoc_helper ghash_ce drm_ttm_helper sha2_ce ttm sha256_arm64 i2c_algo_bit sha1_ce sbsa_gwdt cp210x drm_display_helper cec sr_mod cdrom drm_kms_helper binfmt_misc sg loop fuse drm dm_mod nfnetlink ip_tables autofs4 [last unloaded: tls] \n [ 1148.072808][T17331] CPU: 3 PID: 17331 Comm: ls Tainted: G W ------- ---- 6.6.43 #2 \n [ 1148.081751][T17331] Source Version: 21b3b386e948bedd29369af66f3e98ab01b1c650 \n [ 1148.088783][T17331] Hardware name: Greatwall GW-001M1A-FTF/GW-001M1A-FTF, BIOS KunLun BIOS V4.0 07/16/2020 \n [ 1148.098419][T17331] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) \n [ 1148.106060][T17331] pc : eventfs_iterate+0x2c0/0x398 \n [ 1148.111017][T17331] lr : eventfs_iterate+0x2fc/0x398 \n [ 1148.115969][T17331] sp : ffff80008d56bbd0 \n [ 1148.119964][T17331] x29: ffff80008d56bbf0 x28: ffff001ff5be2600 x27: 0000000000000000 \n [ 1148.127781][T17331] x26: ffff001ff52ca4e0 x25: 0000000000009977 x24: dead000000000100 \n [ 1148.135598][T17331] x23: 0000000000000000 x22: 000000000000000b x21: ffff800082645f10 \n [ 1148.143415][T17331] x20: ffff001fddf87c70 x19: ffff80008d56bc90 x18: 0000000000000000 \n [ 1148.151231][T17331] x17: 0000000000000000 x16: 0000000000000000 x15: ffff001ff52ca4e0 \n [ 1148.159048][T17331] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 \n [ 1148.166864][T17331] x11: 0000000000000000 x10: 0000000000000000 x9 : ffff8000804391d0 \n [ 1148.174680][T17331] x8 : 0000000180000000 x7 : 0000000000000018 x6 : 0000aaab04b92862 \n [ 1148.182498][T17331] x5 : 0000aaab04b92862 x4 : 0000000080000000 x3 : 0000000000000068 \n [ 1148.190314][T17331] x2 : 000000000000000f x1 : 0000000000007ea8 x0 : 0000000000000001 \n [ 1148.198131][T17331] Call trace: \n [ 1148.201259][T17331] eventfs_iterate+0x2c0/0x398 \n [ 1148.205864][T17331] iterate_dir+0x98/0x188 \n [ 1[...]", "creation_timestamp": "2024-09-18T10:53:25.000000Z"} 2024-09-18T10:53:25+00:00 https://db.gcve.eu/sighting/36c429c9-0564-4fc5-895f-4483f3ef1677/export 2026-06-05T00:08:04.045142+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "36c429c9-0564-4fc5-895f-4483f3ef1677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46786", "type": "seen", "source": "https://t.me/cvedetector/5949", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-46786 - Apache Linux fscache Use-After-Free Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-46786 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nfscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF \n \nThe fscache_cookie_lru_timer is initialized when the fscache module \nis inserted, but is not deleted when the fscache module is removed. \nIf timer_reduce() is called before removing the fscache module, \nthe fscache_cookie_lru_timer will be added to the timer list of \nthe current cpu. Afterwards, a use-after-free will be triggered \nin the softIRQ after removing the fscache module, as follows: \n \n================================================================== \nBUG: unable to handle page fault for address: fffffbfff803c9e9 \n PF: supervisor read access in kernel mode \n PF: error_code(0x0000) - not-present page \nPGD 21ffea067 P4D 21ffea067 PUD 21ffe6067 PMD 110a7c067 PTE 0 \nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI \nCPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.11.0-rc3 #855 \nTainted: [W]=WARN \nRIP: 0010:__run_timer_base.part.0+0x254/0x8a0 \nCall Trace: \n \n tmigr_handle_remote_up+0x627/0x810 \n __walk_groups.isra.0+0x47/0x140 \n tmigr_handle_remote+0x1fa/0x2f0 \n handle_softirqs+0x180/0x590 \n irq_exit_rcu+0x84/0xb0 \n sysvec_apic_timer_interrupt+0x6e/0x90 \n \n \n asm_sysvec_apic_timer_interrupt+0x1a/0x20 \nRIP: 0010:default_idle+0xf/0x20 \n default_idle_call+0x38/0x60 \n do_idle+0x2b5/0x300 \n cpu_startup_entry+0x54/0x60 \n start_secondary+0x20d/0x280 \n common_startup_64+0x13e/0x148 \n \nModules linked in: [last unloaded: netfs] \n================================================================== \n \nTherefore delete fscache_cookie_lru_timer when removing the fscahe module. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"18 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T10:53:27.000000Z"} 2024-09-18T10:53:27+00:00 https://db.gcve.eu/sighting/ac5b9b41-edf7-4c59-b436-c0fcef418e46/export 2026-06-05T00:08:04.045086+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "ac5b9b41-edf7-4c59-b436-c0fcef418e46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46780", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"} 2025-08-14T10:00:00+00:00 https://db.gcve.eu/sighting/0eec6dce-e1fd-4581-bd40-8187aa7e9fce/export 2026-06-05T00:08:04.045030+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "0eec6dce-e1fd-4581-bd40-8187aa7e9fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46781", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"} 2025-08-14T10:00:00+00:00 https://db.gcve.eu/sighting/f83ad8f1-0610-4add-b787-ce8d1686e7f8/export 2026-06-05T00:08:04.044973+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "f83ad8f1-0610-4add-b787-ce8d1686e7f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46783", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"} 2025-08-14T10:00:00+00:00 https://db.gcve.eu/sighting/1544a7f6-b1e1-4462-9317-24b76c9630fa/export 2026-06-05T00:08:04.044884+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "1544a7f6-b1e1-4462-9317-24b76c9630fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46782", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"} 2025-08-14T10:00:00+00:00 https://db.gcve.eu/sighting/a8fcff63-f6e9-4a62-9edd-9eda5efbb5ed/export 2026-06-05T00:08:04.040645+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "a8fcff63-f6e9-4a62-9edd-9eda5efbb5ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46787", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} 2025-12-03T14:14:49.267740+00:00