{"vulnerability": "cve-2024-4997", "sightings": [{"uuid": "4e72ca1c-1b3d-4bb8-ae32-1bc606c65db5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49974", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "e4accc2e-153b-44b0-baea-138e3dc4e1b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49970", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "4029d234-d9f2-426c-bba9-4535d4466047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49971", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1940", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49971\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase array size of dummy_boolean\n\n[WHY]\ndml2_core_shared_mode_support and dml_core_mode_support access the third\nelement of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when\ndummy_boolean has size of 2. Any assignment to hw_debug5 causes an\nOVERRUN.\n\n[HOW]\nIncrease dummy_boolean's array size to 3.\n\nThis fixes 2 OVERRUN issues reported by Coverity.\n\ud83d\udccf Published: 2024-10-21T18:02:20.344Z\n\ud83d\udccf Modified: 2025-01-16T11:53:24.847Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/e9e48b7bb9cf3b78f0305ef0144aaf61da0a83d8\n2. https://git.kernel.org/stable/c/6d64d39486197083497a01b39e23f2f8474b35d3", "creation_timestamp": "2025-01-16T12:55:29.000000Z"}, {"uuid": "219b9375-c7cc-4140-9f11-ef0895d114cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49979", "type": "seen", "source": "https://t.me/cvedetector/8525", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49979 - Linux Kernel TCP GSO Fraglist Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49979 \nPublished : Oct. 21, 2024, 6:15 p.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: gso: fix tcp fraglist segmentation after pull from frag_list  \n  \nDetect tcp gso fraglist skbs with corrupted geometry (see below) and  \npass these to skb_segment instead of skb_segment_list, as the first  \ncan segment them correctly.  \n  \nValid SKB_GSO_FRAGLIST skbs  \n- consist of two or more segments  \n- the head_skb holds the protocol headers plus first gso_size  \n- one or more frag_list skbs hold exactly one segment  \n- all but the last must be gso_size  \n  \nOptional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can  \nmodify these skbs, breaking these invariants.  \n  \nIn extreme cases they pull all data into skb linear. For TCP, this  \ncauses a NULL ptr deref in __tcpv4_gso_segment_list_csum at  \ntcp_hdr(seg->next).  \n  \nDetect invalid geometry due to pull, by checking head_skb size.  \nDon't just drop, as this may blackhole a destination. Convert to be  \nable to pass to regular skb_segment.  \n  \nApproach and description based on a patch by Willem de Bruijn. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T21:02:17.000000Z"}, {"uuid": "78454525-5f8b-47ca-b4a7-7c4461204b0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49978", "type": "seen", "source": "https://t.me/cvedetector/8523", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49978 - Linux Kernel UDP GSO Fraglist Segmentation Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-49978 \nPublished : Oct. 21, 2024, 6:15 p.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ngso: fix udp gso fraglist segmentation after pull from frag_list  \n  \nDetect gso fraglist skbs with corrupted geometry (see below) and  \npass these to skb_segment instead of skb_segment_list, as the first  \ncan segment them correctly.  \n  \nValid SKB_GSO_FRAGLIST skbs  \n- consist of two or more segments  \n- the head_skb holds the protocol headers plus first gso_size  \n- one or more frag_list skbs hold exactly one segment  \n- all but the last must be gso_size  \n  \nOptional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can  \nmodify these skbs, breaking these invariants.  \n  \nIn extreme cases they pull all data into skb linear. For UDP, this  \ncauses a NULL ptr deref in __udpv4_gso_segment_list_csum at  \nudp_hdr(seg->next)->dest.  \n  \nDetect invalid geometry due to pull, by checking head_skb size.  \nDon't just drop, as this may blackhole a destination. Convert to be  \nable to pass to regular skb_segment. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T21:02:15.000000Z"}, {"uuid": "284bd400-6fe9-4470-9cde-2eb632f8e256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49973", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "315b0e79-0813-47c5-b410-cbc6ebc88558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49975", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "a5e7d57c-4460-4e8f-a76c-ba50821f8e35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49970", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "8f7a747b-1ddb-4116-8e61-a82efb18fb8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49978", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "baf21220-0c52-437b-b232-6c7c4c9e3691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49974", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16649", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49974\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Limit the number of concurrent async COPY operations\n\nNothing appears to limit the number of concurrent async COPY\noperations that clients can start. In addition, AFAICT each async\nCOPY can copy an unlimited number of 4MB chunks, so can run for a\nlong time. Thus IMO async COPY can become a DoS vector.\n\nAdd a restriction mechanism that bounds the number of concurrent\nbackground COPY operations. Start simple and try to be fair -- this\npatch implements a per-namespace limit.\n\nAn async COPY request that occurs while this limit is exceeded gets\nNFS4ERR_DELAY. The requesting client can choose to send the request\nagain after a delay or fall back to a traditional read/write style\ncopy.\n\nIf there is need to make the mechanism more sophisticated, we can\nvisit that in future patches.\n\ud83d\udccf Published: 2024-10-21T18:02:22.392Z\n\ud83d\udccf Modified: 2025-05-16T07:25:07.039Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/9e52ff544e0bfa09ee339fd7b0937ee3c080c24e\n2. https://git.kernel.org/stable/c/43e46ee5efc03990b223f7aa8b77aa9c3d3acfdf\n3. https://git.kernel.org/stable/c/7ea9260874b779637aff6d24c344b8ef4ac862a0\n4. https://git.kernel.org/stable/c/ae267989b7b7933dfedcd26468d0a88fc3a9da9e\n5. https://git.kernel.org/stable/c/b4e21431a0db4854b5023cd5af001be557e6c3db\n6. https://git.kernel.org/stable/c/6a488ad7745b8f64625c6d3a24ce7e448e83f11b\n7. https://git.kernel.org/stable/c/aadc3bbea163b6caaaebfdd2b6c4667fbc726752", "creation_timestamp": "2025-05-16T07:34:00.000000Z"}, {"uuid": "4f49680d-80f5-4fdd-b5d4-3b356e34357d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49971", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "4ba62262-ad12-408e-8c09-9c5d14ae8e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49977", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}]}