{"vulnerability": "CVE-2024-47408", "sightings": [{"uuid": "dd158ef2-b108-4e9e-a8bd-47c3d4c10df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47408", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1314", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47408\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.\n\ud83d\udccf Published: 2025-01-11T12:35:35.284Z\n\ud83d\udccf Modified: 2025-01-11T12:35:35.284Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/a36364d8d4fabb105001f992fb8ff2d3546203d6\n2. https://git.kernel.org/stable/c/e1cc8be2a785a8f1ce1f597f3e608602c5fccd46\n3. https://git.kernel.org/stable/c/935caf324b445fe73d7708fae6f7176fb243f357\n4. https://git.kernel.org/stable/c/48d5a8a304a643613dab376a278f29d3e22f7c34\n5. https://git.kernel.org/stable/c/9ab332deb671d8f7e66d82a2ff2b3f715bc3a4ad", "creation_timestamp": "2025-01-11T13:06:50.000000Z"}, {"uuid": "d9ffcfdd-faec-4734-a4b8-7a9067d8ef05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47408", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs3kejje2i", "content": "", "creation_timestamp": "2025-01-11T13:15:58.217525Z"}]}