{"vulnerability": "CVE-2024-43900", "sightings": [{"uuid": "516d7a1a-04d8-493d-a6e1-f52be965b917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43900", "type": "seen", "source": "https://t.me/cvedetector/4125", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43900 - Cisco Media xc2028 Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-43900 \nPublished : Aug. 26, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nmedia: xc2028: avoid use-after-free in load_firmware_cb()  \n  \nsyzkaller reported use-after-free in load_firmware_cb() [1].  \nThe reason is because the module allocated a struct tuner in tuner_probe(),  \nand then the module initialization failed, the struct tuner was released.  \nA worker which created during module initialization accesses this struct  \ntuner later, it caused use-after-free.  \n  \nThe process is as follows:  \n  \ntask-6504           worker_thread  \ntuner_probe                             ffff8000d7ca2300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb  \n                           ^  \n      ffff8000d7ca2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb  \n      ffff8000d7ca2400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb  \n     ==================================================================  \n  \n[2]  \n    Actually, it is allocated for struct tuner, and dvb_frontend is inside. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T13:42:57.000000Z"}, {"uuid": "ba7e54ce-4e83-43b2-b968-d6e28d758349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-43900", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}]}