{"vulnerability": "CVE-2024-57901", "sightings": [{"uuid": "c562c0dc-9577-44e0-9f21-113e909086dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57901", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrtzkbblm2h", "content": "", "creation_timestamp": "2025-01-15T13:17:15.865271Z"}, {"uuid": "9ec0fee8-a842-4f33-881b-f196a62200f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57901", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfrvq6scl42e", "content": "", "creation_timestamp": "2025-01-15T13:47:50.059063Z"}, {"uuid": "72344e05-a479-48de-86ff-03e647b0f7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57901", "type": "seen", "source": "https://t.me/cvedetector/15448", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57901 - Linux Kernel af_packet VLAN Protocol Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57901 \nPublished : Jan. 15, 2025, 1:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \naf_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK  \n  \nBlamed commit forgot MSG_PEEK case, allowing a crash [1] as found  \nby syzbot.  \n  \nRework vlan_get_protocol_dgram() to not touch skb at all,  \nso that it can be used from many cpus on the same skb.  \n  \nAdd a const qualifier to skb argument.  \n  \n[1]  \nskbuff: skb_under_panic: text:ffffffff8a8ccd05 len:29 put:14 head:ffff88807fc8e400 data:ffff88807fc8e3f4 tail:0x11 end:0x140 dev:  \n------------[ cut here ]------------  \n kernel BUG at net/core/skbuff.c:206 !  \nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI  \nCPU: 1 UID: 0 PID: 5892 Comm: syz-executor883 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024  \n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]  \n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216  \nCode: 0b 8d 48 c7 c6 86 d5 25 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 5a 69 79 f7 48 83 c4 20 90 <0f0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3  \nRSP: 0018:ffffc900038d7638 EFLAGS: 00010282  \nRAX: 0000000000000087 RBX: dffffc0000000000 RCX: 609ffd18ea660600  \nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000  \nRBP: ffff88802483c8d0 R08: ffffffff817f0a8c R09: 1ffff9200071ae60  \nR10: dffffc0000000000 R11: fffff5200071ae61 R12: 0000000000000140  \nR13: ffff88807fc8e400 R14: ffff88807fc8e3f4 R15: 0000000000000011  \nFS:  00007fbac5e006c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000  \nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \nCR2: 00007fbac5e00d58 CR3: 000000001238e000 CR4: 00000000003526f0  \nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000  \nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400  \nCall Trace:  \n   \n  skb_push+0xe5/0x100 net/core/skbuff.c:2636  \n  vlan_get_protocol_dgram+0x165/0x290 net/packet/af_packet.c:585  \n  packet_recvmsg+0x948/0x1ef0 net/packet/af_packet.c:3552  \n  sock_recvmsg_nosec net/socket.c:1033 [inline]  \n  sock_recvmsg+0x22f/0x280 net/socket.c:1055  \n  ____sys_recvmsg+0x1c6/0x480 net/socket.c:2803  \n  ___sys_recvmsg net/socket.c:2845 [inline]  \n  do_recvmmsg+0x426/0xab0 net/socket.c:2940  \n  __sys_recvmmsg net/socket.c:3014 [inline]  \n  __do_sys_recvmmsg net/socket.c:3037 [inline]  \n  __se_sys_recvmmsg net/socket.c:3030 [inline]  \n  __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3030  \n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n  do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83  \n entry_SYSCALL_64_after_hwframe+0x77/0x7f \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T15:06:49.000000Z"}]}