{"vulnerability": "cve-2024-5670", "sightings": [{"uuid": "7c69918f-7544-4690-b152-986b313868cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56705", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "c35d6e93-792c-4fab-81f8-e2b5d5ec3d77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-56707", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "ea258edf-3b5d-4559-87b0-72d3d6b603e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-56709", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "303c118f-828b-451b-8abc-235db799fd1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-56703", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "f80c0ee7-a50f-4842-bb9e-babbe20923a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5670", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/8021", "content": "\u200aCVE-2024-5670 (CVSS 9.8): Critical Vulnerability Exposes Softnext Email Systems to Attack\n\nhttps://securityonline.info/cve-2024-5670-cvss-9-8-critical-vulnerability-exposes-softnext-email-systems-to-attack/", "creation_timestamp": "2024-07-31T10:57:47.000000Z"}, {"uuid": "bae167dc-5c09-49ff-b2d4-d93eac2f6b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5670", "type": "seen", "source": "https://t.me/GrayHatsHack/8433", "content": "\u26a1CVE-2024-5670 (CVSS 9.8): Critical Vulnerability Exposes Softnext Email Systems to Attack.\n\n#CyberBulletin", "creation_timestamp": "2024-07-31T17:44:52.000000Z"}, {"uuid": "94a223aa-8943-458c-9f8c-11f2f32fd5ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56704", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "b21b5e99-f91d-4e87-afb5-95d08e32d7ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56700", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "cc0bc6e7-8b9f-479d-a2df-e8795511d0c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56701", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "7e70c095-7ac3-40c2-afde-e5597a1a00a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56703", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "24e0c7e4-7ad6-40f6-9234-dd9ed080244d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56701", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "1af11ae8-a007-4567-a210-12d31784be6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56709", "type": "seen", "source": "https://t.me/cvedetector/13871", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56709 - \"Linux Kernel io_uring Task Work \u2013 Deadlock Prevention\"\", \n  \"Content\": \"CVE ID : CVE-2024-56709 \nPublished : Dec. 29, 2024, 9:15 a.m. | 24\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nio_uring: check if iowq is killed before queuing  \n  \ntask work can be executed after the task has gone through io_uring  \ntermination, whether it's the final task_work run or the fallback path.  \nIn this case, task work will find ->io_wq being already killed and  \nnull'ed, which is a problem if it then tries to forward the request to  \nio_queue_iowq(). Make io_queue_iowq() fail requests in this case.  \n  \nNote that it also checks PF_KTHREAD, because the user can first close  \na DEFER_TASKRUN ring and shortly after kill the task, in which case  \n->iowq check would race. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T10:41:23.000000Z"}, {"uuid": "b20ec052-4a39-4ed6-a8e4-8731becf4a9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56700", "type": "seen", "source": "https://t.me/cvedetector/13832", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56700 - Linux Kernel WL128x Atomicity Violation\", \n  \"Content\": \"CVE ID : CVE-2024-56700 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nmedia: wl128x: Fix atomicity violation in fmc_send_cmd()  \n  \nAtomicity violation occurs when the fmc_send_cmd() function is executed  \nsimultaneously with the modification of the fmdev->resp_skb value.  \nConsider a scenario where, after passing the validity check within the  \nfunction, a non-null fmdev->resp_skb variable is assigned a null value.  \nThis results in an invalid fmdev->resp_skb variable passing the validity  \ncheck. As seen in the later part of the function, skb = fmdev->resp_skb;  \nwhen the invalid fmdev->resp_skb passes the check, a null pointer  \ndereference error may occur at line 478, evt_hdr = (void *)skb->data;  \n  \nTo address this issue, it is recommended to include the validity check of  \nfmdev->resp_skb within the locked section of the function. This  \nmodification ensures that the value of fmdev->resp_skb does not change  \nduring the validation process, thereby maintaining its validity.  \n  \nThis possible bug is found by an experimental static analysis tool  \ndeveloped by our team. This tool analyzes the locking APIs  \nto extract function pairs that can be concurrently executed, and then  \nanalyzes the instructions in the paired functions to identify possible  \nconcurrency bugs including data races and atomicity violations. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:05:56.000000Z"}, {"uuid": "b002b1bf-cad6-40df-8aed-6a490ef01540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56702", "type": "seen", "source": "https://t.me/cvedetector/13834", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56702 - Linux Kernel BPF PTR_MAYBE_NULL Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56702 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL  \n  \nArguments to a raw tracepoint are tagged as trusted, which carries the  \nsemantics that the pointer will be non-NULL.  However, in certain cases,  \na raw tracepoint argument may end up being NULL. More context about this  \nissue is available in [0].  \n  \nThus, there is a discrepancy between the reality, that raw_tp arguments  \ncan actually be NULL, and the verifier's knowledge, that they are never  \nNULL, causing explicit NULL checks to be deleted, and accesses to such  \npointers potentially crashing the kernel.  \n  \nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special  \ncase the dereference and pointer arithmetic to permit it, and allow  \npassing them into helpers/kfuncs; these exceptions are made for raw_tp  \nprograms only. Ensure that we don't do this when ref_obj_id > 0, as in  \nthat case this is an acquired object and doesn't need such adjustment.  \n  \nThe reason we do mask_raw_tp_trusted_reg logic is because other will  \nrecheck in places whether the register is a trusted_reg, and then  \nconsider our register as untrusted when detecting the presence of the  \nPTR_MAYBE_NULL flag.  \n  \nTo allow safe dereference, we enable PROBE_MEM marking when we see loads  \ninto trusted pointers with PTR_MAYBE_NULL.  \n  \nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs  \nwhere such broken assumption may cause issues, a future patch set will  \ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can  \nalready be passed into helpers and causes similar problems. Thus, they  \nare left alone for now.  \n  \nIt is possible that these checks also permit passing non-raw_tp args  \nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,  \nallowing dereference when pointer is NULL expands allowed behavior, so  \nwon't regress existing programs, and the case of passing these into  \nhelpers is the same as above and will be dealt with later.  \n  \nAlso update the failure case in tp_btf_nullable selftest to capture the  \nnew behavior, as the verifier will no longer cause an error when  \ndirectly dereference a raw tracepoint argument marked as __nullable.  \n  \n  [0]:  \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:06:00.000000Z"}, {"uuid": "ba63719a-2d25-425f-85f7-8a5ab782f890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56701", "type": "seen", "source": "https://t.me/cvedetector/13833", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56701 - IBM pSeries POWER9 DTL Access Lock Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56701 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \npowerpc/pseries: Fix dtl_access_lock to be a rw_semaphore  \n  \nThe dtl_access_lock needs to be a rw_sempahore, a sleeping lock, because  \nthe code calls kmalloc() while holding it, which can sleep:  \n  \n  # echo 1 > /proc/powerpc/vcpudispatch_stats  \n  BUG: sleeping function called from invalid context at include/linux/sched/mm.h:337  \n  in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 199, name: sh  \n  preempt_count: 1, expected: 0  \n  3 locks held by sh/199:  \n   #0: c00000000a0743f8 (sb_writers#3){.+.+}-{0:0}, at: vfs_write+0x324/0x438  \n   #1: c0000000028c7058 (dtl_enable_mutex){+.+.}-{3:3}, at: vcpudispatch_stats_write+0xd4/0x5f4  \n   #2: c0000000028c70b8 (dtl_access_lock){+.+.}-{2:2}, at: vcpudispatch_stats_write+0x220/0x5f4  \n  CPU: 0 PID: 199 Comm: sh Not tainted 6.10.0-rc4 #152  \n  Hardware name: IBM pSeries (emulated by qemu) POWER9 (raw) 0x4e1202 0xf000005 of:SLOF,HEAD hv:linux,kvm pSeries  \n  Call Trace:  \n    dump_stack_lvl+0x130/0x148 (unreliable)  \n    __might_resched+0x174/0x410  \n    kmem_cache_alloc_noprof+0x340/0x3d0  \n    alloc_dtl_buffers+0x124/0x1ac  \n    vcpudispatch_stats_write+0x2a8/0x5f4  \n    proc_reg_write+0xf4/0x150  \n    vfs_write+0xfc/0x438  \n    ksys_write+0x88/0x148  \n    system_call_exception+0x1c4/0x5a0  \n    system_call_common+0xf4/0x258 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:05:57.000000Z"}, {"uuid": "5c5a0bf7-7856-4ea2-ae52-65cc5e59d228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56704", "type": "seen", "source": "https://t.me/cvedetector/13830", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56704 - Apache Linux Xen Device IRQ Free Double-Freed Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56704 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \n9p/xen: fix release of IRQ  \n  \nKernel logs indicate an IRQ was double-freed.  \n  \nPass correct device ID during IRQ release.  \n  \n[Dominique: remove confusing variable reset to 0] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:05:55.000000Z"}, {"uuid": "85bfe0ab-7b32-4752-a326-2f2c3e3ebe2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56703", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/13828", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56703 - Linux Kernel IPv6 Fib6 Select Path Soft Lockup\", \n  \"Content\": \"CVE ID : CVE-2024-56703 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nipv6: Fix soft lockups in fib6_select_path under high next hop churn  \n  \nSoft lockups have been observed on a cluster of Linux-based edge routers  \nlocated in a highly dynamic environment. Using the `bird` service, these  \nrouters continuously update BGP-advertised routes due to frequently  \nchanging nexthop destinations, while also managing significant IPv6  \ntraffic. The lockups occur during the traversal of the multipath  \ncircular linked-list in the `fib6_select_path` function, particularly  \nwhile iterating through the siblings in the list. The issue typically  \narises when the nodes of the linked list are unexpectedly deleted  \nconcurrently on a different core\u2014indicated by their 'next' and  \n'previous' elements pointing back to the node itself and their reference  \ncount dropping to zero. This results in an infinite loop, leading to a  \nsoft lockup that triggers a system panic via the watchdog timer.  \n  \nApply RCU primitives in the problematic code sections to resolve the  \nissue. Where necessary, update the references to fib6_siblings to  \nannotate or use the RCU APIs.  \n  \nInclude a test script that reproduces the issue. The script  \nperiodically updates the routing table while generating a heavy load  \nof outgoing IPv6 traffic through multiple iperf3 clients. It  \nconsistently induces infinite soft lockups within a couple of minutes.  \n  \nKernel log:  \n  \n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb  \n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3  \n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4  \n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03  \n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f  \n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756  \n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af  \n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d  \n--  --  \n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb  \n    [exception RIP: fib6_select_path+299]  \n    RIP: ffffffff8ddafe7b  RSP: ffffbd13003d37b8  RFLAGS: 00000287  \n    RAX: ffff975850b43600  RBX: ffff975850b40200  RCX: 0000000000000000  \n    RDX: 000000003fffffff  RSI: 0000000051d383e4  RDI: ffff975850b43618  \n    RBP: ffffbd13003d3800   R8: 0000000000000000   R9: ffff975850b40200  \n    R10: 0000000000000000  R11: 0000000000000000  R12: ffffbd13003d3830  \n    R13: ffff975850b436a8  R14: ffff975850b43600  R15: 0000000000000007  \n    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018  \n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c  \n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c  \n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5  \n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47  \n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0  \n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274  \n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474  \n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615  \n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec  \n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3  \n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9  \n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]  \n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]  \n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]  \n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000  \n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581  \n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9  \n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47  \n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30  \n28 [ffffbd13003d3ee8] kthread at fffff[...]", "creation_timestamp": "2024-12-28T12:05:50.000000Z"}, {"uuid": "51846b55-8cbe-4c33-bfda-744e99f247d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56705", "type": "seen", "source": "https://t.me/cvedetector/13826", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56705 - Atomisp Rgb Data Allocation Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56705 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nmedia: atomisp: Add check for rgby_data memory allocation failure  \n  \nIn ia_css_3a_statistics_allocate(), there is no check on the allocation  \nresult of the rgby_data memory. If rgby_data is not successfully  \nallocated, it may trigger the assert(host_stats->rgby_data) assertion in  \nia_css_s3a_hmem_decode(). Adding a check to fix this potential issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:05:48.000000Z"}, {"uuid": "56770d8f-befe-4ed0-a08f-69845d2de13a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56707", "type": "seen", "source": "https://t.me/cvedetector/13825", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56707 - Cavium Networks Octeontx2 Linux Kernel Uninitialized Pointer Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-56707 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nocteontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c  \n  \nAdd error pointer checks after calling otx2_mbox_get_rsp(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:05:48.000000Z"}, {"uuid": "14415425-21dd-49cd-9e35-29baf8f82a48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56708", "type": "seen", "source": "https://t.me/cvedetector/13824", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56708 - Intel EDAC Memory Corruption Double Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56708 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nEDAC/igen6: Avoid segmentation fault on module unload  \n  \nThe segmentation fault happens because:  \n  \nDuring modprobe:  \n1. In igen6_probe(), igen6_pvt will be allocated with kzalloc()  \n2. In igen6_register_mci(), mci->pvt_info will point to  \n   &igen6_pvt->imc[mc]  \n  \nDuring rmmod:  \n1. In mci_release() in edac_mc.c, it will kfree(mci->pvt_info)  \n2. In igen6_remove(), it will kfree(igen6_pvt);  \n  \nFix this issue by setting mci->pvt_info to NULL to avoid the double  \nkfree. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:05:47.000000Z"}, {"uuid": "70845fe6-8dd5-4501-8d0d-bbdbb1efe348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5670", "type": "seen", "source": "https://t.me/cvedetector/1797", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5670 - Softnext Mail SQR Expert and Mail Archiving Expert Remote Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-5670 \nPublished : July 29, 2024, 3:15 a.m. | 38\u00a0minutes ago \nDescription : The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the remote server. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T06:15:20.000000Z"}, {"uuid": "0d5a5974-5bef-4edb-8503-fbdf22f90e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5670", "type": "seen", "source": "https://t.me/GrayHatsHack/7121", "content": "\u26a1CVE-2024-5670 (CVSS 9.8): Critical Vulnerability Exposes Softnext Email Systems to Attack.\n\n#CyberBulletin", "creation_timestamp": "2024-07-31T17:44:52.000000Z"}, {"uuid": "2530e882-7b62-4d4c-b0e7-828a07cdd205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56701", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebjm5nrs2l", "content": "", "creation_timestamp": "2024-12-28T10:16:25.268867Z"}, {"uuid": "367b46c6-002e-4af2-9a2c-6ea05537692d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56705", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebjvenhh2c", "content": "", "creation_timestamp": "2024-12-28T10:16:35.031770Z"}, {"uuid": "f9a543b1-67ff-475a-b6db-1d14722862bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56700", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebjk3bj52k", "content": "", "creation_timestamp": "2024-12-28T10:16:23.447798Z"}, {"uuid": "18b175b7-cfa7-4125-824b-75ee39a3e10a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56702", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebjokj7z2f", "content": "", "creation_timestamp": "2024-12-28T10:16:27.635536Z"}, {"uuid": "c602e683-86e6-447a-98b2-89bcac49b6bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56703", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebjr5fw725", "content": "", "creation_timestamp": "2024-12-28T10:16:30.604696Z"}, {"uuid": "647c0305-70e7-41eb-bf60-1bb5adc4d3bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56704", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebjtaw4p2m", "content": "", "creation_timestamp": "2024-12-28T10:16:32.662535Z"}, {"uuid": "f7e6e112-2c29-42f0-af21-fd441a8d2c97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56706", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebjxgdw425", "content": "", "creation_timestamp": "2024-12-28T10:16:37.029930Z"}, {"uuid": "42cbb78f-0cd7-4e72-9846-22b6ec46aa77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56707", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebk26xeu22", "content": "", "creation_timestamp": "2024-12-28T10:16:39.920691Z"}, {"uuid": "88ee47b0-1387-4ce1-9301-92776e2c9df9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56708", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leebk4gnih25", "content": "", "creation_timestamp": "2024-12-28T10:16:42.575204Z"}, {"uuid": "512455e9-4d5f-4bf2-80c4-d79e71209e31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56700", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730191718005783", "content": "", "creation_timestamp": "2024-12-28T11:23:26.097296Z"}, {"uuid": "81eb0312-10e8-4bd3-8e91-82d2b7ab7887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56701", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730191751771062", "content": "", "creation_timestamp": "2024-12-28T11:23:26.599625Z"}, {"uuid": "6a472df1-4bae-4004-af0b-ec5ffbb4f8d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56706", "type": "seen", "source": "https://t.me/cvedetector/13827", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56706 - IBM s390 CPUM SF Mutex Deadlock\", \n  \"Content\": \"CVE ID : CVE-2024-56706 \nPublished : Dec. 28, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ns390/cpum_sf: Fix and protect memory allocation of SDBs with mutex  \n  \nReservation of the PMU hardware is done at first event creation  \nand is protected by a pair of mutex_lock() and mutex_unlock().  \nAfter reservation of the PMU hardware the memory  \nrequired for the PMUs the event is to be installed on is  \nallocated by allocate_buffers() and alloc_sampling_buffer().  \nThis done outside of the mutex protection.  \nWithout mutex protection two or more concurrent invocations of  \nperf_event_init() may run in parallel.  \nThis can lead to allocation of Sample Data Blocks (SDBs)  \nmultiple times for the same PMU.  \nPrevent this and protect memory allocation of SDBs by  \nmutex. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-28T12:05:49.000000Z"}, {"uuid": "d82684e0-e521-4f95-9633-6e0038d53f78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5670", "type": "seen", "source": "https://t.me/CyberBulletin/230", "content": "\u26a1CVE-2024-5670 (CVSS 9.8): Critical Vulnerability Exposes Softnext Email Systems to Attack.\n\n#CyberBulletin", "creation_timestamp": "2024-07-31T17:34:43.000000Z"}, {"uuid": "fb244e53-fa4a-4ca6-bc78-b3b71fb3e0f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56702", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730191767038459", "content": "", "creation_timestamp": "2024-12-28T11:23:26.967557Z"}, {"uuid": "f0f74d94-95a7-4d4f-9431-8b11a29a3b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56703", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730191781640542", "content": "", "creation_timestamp": "2024-12-28T11:23:27.175975Z"}, {"uuid": "9e71850e-9e4e-429f-b7e5-01c676ebb1b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56704", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730250799387227", "content": "", "creation_timestamp": "2024-12-28T11:38:27.468664Z"}, {"uuid": "ee530c30-2a53-4dee-a937-c79054599363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56705", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730250813341697", "content": "", "creation_timestamp": "2024-12-28T11:38:28.020763Z"}, {"uuid": "d3c695c1-477f-4bc0-b1c0-586f08f51675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56707", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730250862418907", "content": "", "creation_timestamp": "2024-12-28T11:38:28.475080Z"}, {"uuid": "153c9e74-fb8e-4e18-a621-6291a10a8b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56706", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730250846716601", "content": "", "creation_timestamp": "2024-12-28T11:38:28.638711Z"}, {"uuid": "7f9d66a7-70ae-4c96-aeb7-9eb39671cf13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56708", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113730309866647893", "content": "", "creation_timestamp": "2024-12-28T11:53:28.896536Z"}, {"uuid": "f7028d46-b9c4-43ae-86e1-7658ca45b203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56708", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113730870514196193", "content": "", "creation_timestamp": "2024-12-28T14:16:03.512083Z"}, {"uuid": "05626448-0f3b-4f35-98a3-9f375ed8e5d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56709", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113735233649687880", "content": "", "creation_timestamp": "2024-12-29T08:45:39.822460Z"}, {"uuid": "8bdca0f9-78b5-49d7-a588-4ddeb6deb729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56709", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legolj6z432c", "content": "", "creation_timestamp": "2024-12-29T09:15:27.354335Z"}]}