{"vulnerability": "cve-2024-5791", "sightings": [{"uuid": "0c9d7103-88bd-4c49-9aee-ea6d2e93ef27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57911", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2341", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57911\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer\n\nThe 'data' array is allocated via kmalloc() and it is used to push data\nto user space from a triggered buffer, but it does not set values for\ninactive channels, as it only uses iio_for_each_active_channel()\nto assign new values.\n\nUse kzalloc for the memory allocation to avoid pushing uninitialized\ninformation to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:33.806Z\n\ud83d\udccf Modified: 2025-01-19T11:52:33.806Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b0642d9c871aea1f28eb02cd84d60434df594f67\n2. https://git.kernel.org/stable/c/74058395b2c63c8a438cf199d09094b640f8c7f4\n3. https://git.kernel.org/stable/c/ea703cda36da0dacb9a2fd876370003197d8a019\n4. https://git.kernel.org/stable/c/333be433ee908a53f283beb95585dfc14c8ffb46", "creation_timestamp": "2025-01-19T11:58:36.000000Z"}, {"uuid": "26292aaa-4d7c-4085-9bc9-8b6d9b3095a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57912", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2340", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57912\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: pressure: zpa2326: fix information leak in triggered buffer\n\nThe 'sample' local struct is used to push data to user space from a\ntriggered buffer, but it has a hole between the temperature and the\ntimestamp (u32 pressure, u16 temperature, GAP, u64 timestamp).\nThis hole is never initialized.\n\nInitialize the struct to zero before using it to avoid pushing\nuninitialized information to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:34.490Z\n\ud83d\udccf Modified: 2025-01-19T11:52:34.490Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b7849f62e61242e0e02c776e1109eb81e59c567c\n2. https://git.kernel.org/stable/c/fefb88a4da961a0b9c2473cbdcfce1a942fcfa9a\n3. https://git.kernel.org/stable/c/979a0db76ceda8fe1f2f85a116bfe97620ebbadf\n4. https://git.kernel.org/stable/c/6007d10c5262f6f71479627c1216899ea7f09073", "creation_timestamp": "2025-01-19T11:58:35.000000Z"}, {"uuid": "74ef2242-7bfd-4598-85bc-d4066fa7556e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57915", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2339", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57915\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null\n\nConsidering that in some extreme cases, when performing the\nunbinding operation, gserial_disconnect has cleared gser->ioport,\nwhich triggers gadget reconfiguration, and then calls gs_read_complete,\nresulting in access to a null pointer. Therefore, ep is disabled before\ngserial_disconnect sets port to null to prevent this from happening.\n\nCall trace:\n gs_read_complete+0x58/0x240\n usb_gadget_giveback_request+0x40/0x160\n dwc3_remove_requests+0x170/0x484\n dwc3_ep0_out_start+0xb0/0x1d4\n __dwc3_gadget_start+0x25c/0x720\n kretprobe_trampoline.cfi_jt+0x0/0x8\n kretprobe_trampoline.cfi_jt+0x0/0x8\n udc_bind_to_driver+0x1d8/0x300\n usb_gadget_probe_driver+0xa8/0x1dc\n gadget_dev_desc_UDC_store+0x13c/0x188\n configfs_write_iter+0x160/0x1f4\n vfs_write+0x2d0/0x40c\n ksys_write+0x7c/0xf0\n __arm64_sys_write+0x20/0x30\n invoke_syscall+0x60/0x150\n el0_svc_common+0x8c/0xf8\n do_el0_svc+0x28/0xa0\n el0_svc+0x24/0x84\n\ud83d\udccf Published: 2025-01-19T11:52:36.460Z\n\ud83d\udccf Modified: 2025-01-19T11:52:36.460Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/3d730e8758c75b68a0152ee1ac48a270ea6725b4\n2. https://git.kernel.org/stable/c/0c50f00cc29948184af05bda31392fff5821f4f3\n3. https://git.kernel.org/stable/c/8e122d780a0f19aefd700dbd0b0e3ed3af0ae97f\n4. https://git.kernel.org/stable/c/13014969cbf07f18d62ceea40bd8ca8ec9d36cec", "creation_timestamp": "2025-01-19T11:58:33.000000Z"}, {"uuid": "0bba6f20-5b53-4899-97b3-f4fd4b2c37a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57916", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2338", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57916\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling\n\nResolve kernel panic caused by improper handling of IRQs while\naccessing GPIO values. This is done by replacing generic_handle_irq with\nhandle_nested_irq.\n\ud83d\udccf Published: 2025-01-19T11:52:37.128Z\n\ud83d\udccf Modified: 2025-01-19T11:52:37.128Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/79aef6187e16b2d32307c8ff610e9e04f7f86e1f\n2. https://git.kernel.org/stable/c/25692750c0259c5b65afec467d97201a485e8a00\n3. https://git.kernel.org/stable/c/47d3749ec0cb56b7b98917c190a8c10cb54216fd\n4. https://git.kernel.org/stable/c/194f9f94a5169547d682e9bbcc5ae6d18a564735", "creation_timestamp": "2025-01-19T11:58:33.000000Z"}, {"uuid": "339a134f-6587-4c94-863a-250180aefed8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57917", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2337", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57917\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ntopology: Keep the cpumask unchanged when printing cpumap\n\nDuring fuzz testing, the following warning was discovered:\n\n different return values (15 and 11) from vsnprintf(\"%*pbl\n \", ...)\n\n test:keyward is WARNING in kvasprintf\n WARNING: CPU: 55 PID: 1168477 at lib/kasprintf.c:30 kvasprintf+0x121/0x130\n Call Trace:\n kvasprintf+0x121/0x130\n kasprintf+0xa6/0xe0\n bitmap_print_to_buf+0x89/0x100\n core_siblings_list_read+0x7e/0xb0\n kernfs_file_read_iter+0x15b/0x270\n new_sync_read+0x153/0x260\n vfs_read+0x215/0x290\n ksys_read+0xb9/0x160\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe call trace shows that kvasprintf() reported this warning during the\nprinting of core_siblings_list. kvasprintf() has several steps:\n\n (1) First, calculate the length of the resulting formatted string.\n\n (2) Allocate a buffer based on the returned length.\n\n (3) Then, perform the actual string formatting.\n\n (4) Check whether the lengths of the formatted strings returned in\n steps (1) and (2) are consistent.\n\nIf the core_cpumask is modified between steps (1) and (3), the lengths\nobtained in these two steps may not match. Indeed our test includes cpu\nhotplugging, which should modify core_cpumask while printing.\n\nTo fix this issue, cache the cpumask into a temporary variable before\ncalling cpumap_print_{list, cpumask}_to_buf(), to keep it unchanged\nduring the printing process.\n\ud83d\udccf Published: 2025-01-19T11:52:37.866Z\n\ud83d\udccf Modified: 2025-01-19T11:52:37.866Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/ca47e933a900492d89dcf5db18a99c28bd4a742d\n2. https://git.kernel.org/stable/c/b02cf1d27e460ab2b3e1c8c9ce472d562cad2e8d\n3. https://git.kernel.org/stable/c/360596e7fe319a5db1b5fb34a3952862ae53c924\n4. https://git.kernel.org/stable/c/cbd399f78e23ad4492c174fc5e6b3676dba74a52", "creation_timestamp": "2025-01-19T11:58:32.000000Z"}, {"uuid": "82c1d261-23f2-49c9-8e42-5bab8206c8ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57910", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2342", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57910\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: vcnl4035: fix information leak in triggered buffer\n\nThe 'buffer' local array is used to push data to userspace from a\ntriggered buffer, but it does not set an initial value for the single\ndata element, which is an u16 aligned to 8 bytes. That leaves at least\n4 bytes uninitialized even after writing an integer value with\nregmap_read().\n\nInitialize the array to zero before using it to avoid pushing\nuninitialized information to userspace.\n\ud83d\udccf Published: 2025-01-19T11:52:33.140Z\n\ud83d\udccf Modified: 2025-01-19T11:52:33.140Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/47d245be86492974db3aeb048609542167f56518\n2. https://git.kernel.org/stable/c/a15ea87d4337479c9446b5d71616f4668337afed\n3. https://git.kernel.org/stable/c/f6fb1c59776b4263634c472a5be8204c906ffc2c\n4. https://git.kernel.org/stable/c/47b43e53c0a0edf5578d5d12f5fc71c019649279", "creation_timestamp": "2025-01-19T11:58:40.000000Z"}, {"uuid": "2f9e2b0e-0a1e-434b-abdd-8cf87a29ae37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57911", "type": "seen", "source": "https://t.me/cvedetector/15857", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57911 - VMware iio Information Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-57911 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \niio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer \n \nThe 'data' array is allocated via kmalloc() and it is used to push data \nto user space from a triggered buffer, but it does not set values for \ninactive channels, as it only uses iio_for_each_active_channel() \nto assign new values. \n \nUse kzalloc for the memory allocation to avoid pushing uninitialized \ninformation to userspace. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:32.000000Z"}, {"uuid": "e97c9cbb-74bb-4696-ad17-c3d765d94761", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57912", "type": "seen", "source": "Telegram/zIDfRG2961OZaOSBhpyplHb8kRuQjZnOjJUAiEJAGZEZcle1", "content": "", "creation_timestamp": "2025-02-18T21:11:31.000000Z"}, {"uuid": "777a09fb-a58f-4321-85bd-b1fdfe46096b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57915", "type": "seen", "source": "https://t.me/cvedetector/15862", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57915 - \"Linux usb gadget: Null Pointer Vulnerability in u_serial\"\", \n \"Content\": \"CVE ID : CVE-2024-57915 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nusb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null \n \nConsidering that in some extreme cases, when performing the \nunbinding operation, gserial_disconnect has cleared gser->ioport, \nwhich triggers gadget reconfiguration, and then calls gs_read_complete, \nresulting in access to a null pointer. Therefore, ep is disabled before \ngserial_disconnect sets port to null to prevent this from happening. \n \nCall trace: \n gs_read_complete+0x58/0x240 \n usb_gadget_giveback_request+0x40/0x160 \n dwc3_remove_requests+0x170/0x484 \n dwc3_ep0_out_start+0xb0/0x1d4 \n __dwc3_gadget_start+0x25c/0x720 \n kretprobe_trampoline.cfi_jt+0x0/0x8 \n kretprobe_trampoline.cfi_jt+0x0/0x8 \n udc_bind_to_driver+0x1d8/0x300 \n usb_gadget_probe_driver+0xa8/0x1dc \n gadget_dev_desc_UDC_store+0x13c/0x188 \n configfs_write_iter+0x160/0x1f4 \n vfs_write+0x2d0/0x40c \n ksys_write+0x7c/0xf0 \n __arm64_sys_write+0x20/0x30 \n invoke_syscall+0x60/0x150 \n el0_svc_common+0x8c/0xf8 \n do_el0_svc+0x28/0xa0 \n el0_svc+0x24/0x84 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:39.000000Z"}, {"uuid": "37067152-3ce0-458e-94d6-fd5e3c1f5a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57918", "type": "seen", "source": "https://t.me/cvedetector/15864", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57918 - AMD amdgpu DC Driver Page Fault Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-57918 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/amd/display: fix page fault due to max surface definition mismatch \n \nDC driver is using two different values to define the maximum number of \nsurfaces: MAX_SURFACES and MAX_SURFACE_NUM. Consolidate MAX_SURFACES as \nthe unique definition for surface updates across DC. \n \nIt fixes page fault faced by Cosmic users on AMD display versions that \nsupport two overlay planes, since the introduction of cursor overlay \nmode. \n \n[Nov26 21:33] BUG: unable to handle page fault for address: 0000000051d0f08b \n[ +0.000015] #PF: supervisor read access in kernel mode \n[ +0.000006] #PF: error_code(0x0000) - not-present page \n[ +0.000005] PGD 0 P4D 0 \n[ +0.000007] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI \n[ +0.000006] CPU: 4 PID: 71 Comm: kworker/u32:6 Not tainted 6.10.0+ #300 \n[ +0.000006] Hardware name: Valve Jupiter/Jupiter, BIOS F7A0131 01/30/2024 \n[ +0.000007] Workqueue: events_unbound commit_work [drm_kms_helper] \n[ +0.000040] RIP: 0010:copy_stream_update_to_stream.isra.0+0x30d/0x750 [amdgpu] \n[ +0.000847] Code: 8b 10 49 89 94 24 f8 00 00 00 48 8b 50 08 49 89 94 24 00 01 00 00 8b 40 10 41 89 84 24 08 01 00 00 49 8b 45 78 48 85 c0 74 0b <0fb6 00 41 88 84 24 90 64 00 00 49 8b 45 60 48 85 c0 74 3b 48 8b \n[ +0.000010] RSP: 0018:ffffc203802f79a0 EFLAGS: 00010206 \n[ +0.000009] RAX: 0000000051d0f08b RBX: 0000000000000004 RCX: ffff9f964f0a8070 \n[ +0.000004] RDX: ffff9f9710f90e40 RSI: ffff9f96600c8000 RDI: ffff9f964f000000 \n[ +0.000004] RBP: ffffc203802f79f8 R08: 0000000000000000 R09: 0000000000000000 \n[ +0.000005] R10: 0000000000000000 R11: 0000000000000000 R12: ffff9f96600c8000 \n[ +0.000004] R13: ffff9f9710f90e40 R14: ffff9f964f000000 R15: ffff9f96600c8000 \n[ +0.000004] FS: 0000000000000000(0000) GS:ffff9f9970000000(0000) knlGS:0000000000000000 \n[ +0.000005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \n[ +0.000005] CR2: 0000000051d0f08b CR3: 00000002e6a20000 CR4: 0000000000350ef0 \n[ +0.000005] Call Trace: \n[ +0.000011] \n[ +0.000010] ? __die_body.cold+0x19/0x27 \n[ +0.000012] ? page_fault_oops+0x15a/0x2d0 \n[ +0.000014] ? exc_page_fault+0x7e/0x180 \n[ +0.000009] ? asm_exc_page_fault+0x26/0x30 \n[ +0.000013] ? copy_stream_update_to_stream.isra.0+0x30d/0x750 [amdgpu] \n[ +0.000739] ? dc_commit_state_no_check+0xd6c/0xe70 [amdgpu] \n[ +0.000470] update_planes_and_stream_state+0x49b/0x4f0 [amdgpu] \n[ +0.000450] ? srso_return_thunk+0x5/0x5f \n[ +0.000009] ? commit_minimal_transition_state+0x239/0x3d0 [amdgpu] \n[ +0.000446] update_planes_and_stream_v2+0x24a/0x590 [amdgpu] \n[ +0.000464] ? srso_return_thunk+0x5/0x5f \n[ +0.000009] ? sort+0x31/0x50 \n[ +0.000007] ? amdgpu_dm_atomic_commit_tail+0x159f/0x3a30 [amdgpu] \n[ +0.000508] ? srso_return_thunk+0x5/0x5f \n[ +0.000009] ? amdgpu_crtc_get_scanout_position+0x28/0x40 [amdgpu] \n[ +0.000377] ? srso_return_thunk+0x5/0x5f \n[ +0.000009] ? drm_crtc_vblank_helper_get_vblank_timestamp_internal+0x160/0x390 [drm] \n[ +0.000058] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? dma_fence_default_wait+0x8c/0x260 \n[ +0.000010] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? wait_for_completion_timeout+0x13b/0x170 \n[ +0.000006] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? dma_fence_wait_timeout+0x108/0x140 \n[ +0.000010] ? commit_tail+0x94/0x130 [drm_kms_helper] \n[ +0.000024] ? process_one_work+0x177/0x330 \n[ +0.000008] ? worker_thread+0x266/0x3a0 \n[ +0.000006] ? __pfx_worker_thread+0x10/0x10 \n[ +0.000004] ? kthread+0xd2/0x100 \n[ +0.000006] ? __pfx_kthread+0x10/0x10 \n[ +0.000006] ? ret_from_fork+0x34/0x50 \n[ +0.000004] ? __pfx_kthread+0x10/0x10 \n[ +0.000005] ? ret_from_fork_asm+0x1a/0x30 \n[ +0.000011] \n \n(cherry picked from commit 1c86c81a86c6[...]", "creation_timestamp": "2025-01-19T13:59:18.000000Z"}, {"uuid": "fc718ec2-0ca2-4f70-9f08-7f96f312db82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57916", "type": "seen", "source": "https://t.me/cvedetector/15863", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57916 - Microchip Linux PCI1xxxx GPIO Nested IRQ Handling Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-57916 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmisc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling \n \nResolve kernel panic caused by improper handling of IRQs while \naccessing GPIO values. This is done by replacing generic_handle_irq with \nhandle_nested_irq. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:40.000000Z"}, {"uuid": "4adf8e41-57a8-47db-88d3-a90fe601d9bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57914", "type": "seen", "source": "https://t.me/cvedetector/15860", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57914 - Linux Kernel USB Type-C Tcpci NULL Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-57914 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nusb: typec: tcpci: fix NULL pointer issue on shared irq case \n \nThe tcpci_irq() may meet below NULL pointer dereference issue: \n \n[ 2.641851] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 \n[ 2.641951] status 0x1, 0x37f \n[ 2.650659] Mem abort info: \n[ 2.656490] ESR = 0x0000000096000004 \n[ 2.660230] EC = 0x25: DABT (current EL), IL = 32 bits \n[ 2.665532] SET = 0, FnV = 0 \n[ 2.668579] EA = 0, S1PTW = 0 \n[ 2.671715] FSC = 0x04: level 0 translation fault \n[ 2.676584] Data abort info: \n[ 2.679459] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 \n[ 2.684936] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 \n[ 2.689980] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 \n[ 2.695284] [0000000000000010] user address but active_mm is swapper \n[ 2.701632] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP \n[ 2.707883] Modules linked in: \n[ 2.710936] CPU: 1 UID: 0 PID: 87 Comm: irq/111-2-0051 Not tainted 6.12.0-rc6-06316-g7f63786ad3d1-dirty #4 \n[ 2.720570] Hardware name: NXP i.MX93 11X11 EVK board (DT) \n[ 2.726040] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) \n[ 2.732989] pc : tcpci_irq+0x38/0x318 \n[ 2.736647] lr : _tcpci_irq+0x14/0x20 \n[ 2.740295] sp : ffff80008324bd30 \n[ 2.743597] x29: ffff80008324bd70 x28: ffff800080107894 x27: ffff800082198f70 \n[ 2.750721] x26: ffff0000050e6680 x25: ffff000004d172ac x24: ffff0000050f0000 \n[ 2.757845] x23: ffff000004d17200 x22: 0000000000000001 x21: ffff0000050f0000 \n[ 2.764969] x20: ffff000004d17200 x19: 0000000000000000 x18: 0000000000000001 \n[ 2.772093] x17: 0000000000000000 x16: ffff80008183d8a0 x15: ffff00007fbab040 \n[ 2.779217] x14: ffff00007fb918c0 x13: 0000000000000000 x12: 000000000000017a \n[ 2.786341] x11: 0000000000000001 x10: 0000000000000a90 x9 : ffff80008324bd00 \n[ 2.793465] x8 : ffff0000050f0af0 x7 : ffff00007fbaa840 x6 : 0000000000000031 \n[ 2.800589] x5 : 000000000000017a x4 : 0000000000000002 x3 : 0000000000000002 \n[ 2.807713] x2 : ffff80008324bd3a x1 : 0000000000000010 x0 : 0000000000000000 \n[ 2.814838] Call trace: \n[ 2.817273] tcpci_irq+0x38/0x318 \n[ 2.820583] _tcpci_irq+0x14/0x20 \n[ 2.823885] irq_thread_fn+0x2c/0xa8 \n[ 2.827456] irq_thread+0x16c/0x2f4 \n[ 2.830940] kthread+0x110/0x114 \n[ 2.834164] ret_from_fork+0x10/0x20 \n[ 2.837738] Code: f9426420 f9001fe0 d2800000 52800201 (f9400a60) \n \nThis may happen on shared irq case. Such as two Type-C ports share one \nirq. After the first port finished tcpci_register_port(), it may trigger \ninterrupt. However, if the interrupt comes by chance the 2nd port finishes \ndevm_request_threaded_irq(), the 2nd port interrupt handler will run at \nfirst. Then the above issue happens due to tcpci is still a NULL pointer \nin tcpci_irq() when dereference to regmap. \n \n devm_request_threaded_irq() <--irq); \n tcpci_register_port() \n \nThis will restore the logic to the state before commit (77e85107a771 \"usb: \ntypec: tcpci: support edge irq\"). \n \nHowever, moving tcpci_register_port() earlier creates a problem when use \nedge irq because tcpci_init() will be called before \ndevm_request_threaded_irq(). The tcpci_init() writes the ALERT_MASK to \nthe hardware to tell it to start generating interrupts but we're not ready \nto deal with them yet, then the ALERT events may be missed and ALERT line \nwill not recover to high level forever. To avoid the issue, this will also \nset ALERT_MASK register after devm_request_threaded_irq() return. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection[...]", "creation_timestamp": "2025-01-19T13:58:37.000000Z"}, {"uuid": "c0e4f4ca-ae8e-498a-9d03-a167b40e021c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57913", "type": "seen", "source": "https://t.me/cvedetector/15859", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57913 - Linux USB gadget functionfs remote denial of service (DoS) Windows Panic\", \n \"Content\": \"CVE ID : CVE-2024-57913 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nusb: gadget: f_fs: Remove WARN_ON in functionfs_bind \n \nThis commit addresses an issue related to below kernel panic where \npanic_on_warn is enabled. It is caused by the unnecessary use of WARN_ON \nin functionsfs_bind, which easily leads to the following scenarios. \n \n1.adb_write in adbd 2. UDC write via configfs \n ================= ===================== \n \n->usb_ffs_open_thread() ->UDC write \n ->open_functionfs() ->configfs_write_iter() \n ->adb_open() ->gadget_dev_desc_UDC_store() \n ->adb_write() ->usb_gadget_register_driver_owner \n ->driver_register() \n->StartMonitor() ->bus_add_driver() \n ->adb_read() ->gadget_bind_driver() \n ->configfs_composite_bind() \n ->usb_add_function() \n->open_functionfs() ->ffs_func_bind() \n ->adb_open() ->functionfs_bind() \n state !=FFS_ACTIVE> \n \nThe adb_open, adb_read, and adb_write operations are invoked from the \ndaemon, but trying to bind the function is a process that is invoked by \nUDC write through configfs, which opens up the possibility of a race \ncondition between the two paths. In this race scenario, the kernel panic \noccurs due to the WARN_ON from functionfs_bind when panic_on_warn is \nenabled. This commit fixes the kernel panic by removing the unnecessary \nWARN_ON. \n \nKernel panic - not syncing: kernel: panic_on_warn set ... \n[ 14.542395] Call trace: \n[ 14.542464] ffs_func_bind+0x1c8/0x14a8 \n[ 14.542468] usb_add_function+0xcc/0x1f0 \n[ 14.542473] configfs_composite_bind+0x468/0x588 \n[ 14.542478] gadget_bind_driver+0x108/0x27c \n[ 14.542483] really_probe+0x190/0x374 \n[ 14.542488] __driver_probe_device+0xa0/0x12c \n[ 14.542492] driver_probe_device+0x3c/0x220 \n[ 14.542498] __driver_attach+0x11c/0x1fc \n[ 14.542502] bus_for_each_dev+0x104/0x160 \n[ 14.542506] driver_attach+0x24/0x34 \n[ 14.542510] bus_add_driver+0x154/0x270 \n[ 14.542514] driver_register+0x68/0x104 \n[ 14.542518] usb_gadget_register_driver_owner+0x48/0xf4 \n[ 14.542523] gadget_dev_desc_UDC_store+0xf8/0x144 \n[ 14.542526] configfs_write_iter+0xf0/0x138 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:36.000000Z"}, {"uuid": "d5a78647-e51e-4705-9473-dd35ad00bc45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57912", "type": "seen", "source": "https://t.me/cvedetector/15858", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57912 - Oracle Linux Information Leaks Buffer\", \n \"Content\": \"CVE ID : CVE-2024-57912 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \niio: pressure: zpa2326: fix information leak in triggered buffer \n \nThe 'sample' local struct is used to push data to user space from a \ntriggered buffer, but it has a hole between the temperature and the \ntimestamp (u32 pressure, u16 temperature, GAP, u64 timestamp). \nThis hole is never initialized. \n \nInitialize the struct to zero before using it to avoid pushing \nuninitialized information to userspace. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:32.000000Z"}, {"uuid": "8726202b-ffca-49a7-aa15-33236b53a7cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57910", "type": "seen", "source": "https://t.me/cvedetector/15856", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57910 - Linux IIO Light VCNL4035 Uninitialized Information Leak\", \n \"Content\": \"CVE ID : CVE-2024-57910 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \niio: light: vcnl4035: fix information leak in triggered buffer \n \nThe 'buffer' local array is used to push data to userspace from a \ntriggered buffer, but it does not set an initial value for the single \ndata element, which is an u16 aligned to 8 bytes. That leaves at least \n4 bytes uninitialized even after writing an integer value with \nregmap_read(). \n \nInitialize the array to zero before using it to avoid pushing \nuninitialized information to userspace. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:58:31.000000Z"}, {"uuid": "09e73ac4-8541-4443-865a-12f414d6d244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57919", "type": "seen", "source": "https://t.me/cvedetector/15853", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-57919 - AMDGPU Divide Error Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-57919 \nPublished : Jan. 19, 2025, 12:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndrm/amd/display: fix divide error in DM plane scale calcs \n \ndm_get_plane_scale doesn't take into account plane scaled size equal to \nzero, leading to a kernel oops due to division by zero. Fix by setting \nout-scale size as zero when the dst size is zero, similar to what is \ndone by drm_calc_scale(). This issue started with the introduction of \ncursor ovelay mode that uses this function to assess cursor mode changes \nvia dm_crtc_get_cursor_mode() before checking plane state. \n \n[Dec17 17:14] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI \n[ +0.000018] CPU: 5 PID: 1660 Comm: surface-DP-1 Not tainted 6.10.0+ #231 \n[ +0.000007] Hardware name: Valve Jupiter/Jupiter, BIOS F7A0131 01/30/2024 \n[ +0.000004] RIP: 0010:dm_get_plane_scale+0x3f/0x60 [amdgpu] \n[ +0.000553] Code: 44 0f b7 41 3a 44 0f b7 49 3e 83 e0 0f 48 0f a3 c2 73 21 69 41 28 e8 03 00 00 31 d2 41 f7 f1 31 d2 89 06 69 41 2c e8 03 00 00 <41f7 f0 89 07 e9 d7 d8 7e e9 44 89 c8 45 89 c1 41 89 c0 eb d4 66 \n[ +0.000005] RSP: 0018:ffffa8df0de6b8a0 EFLAGS: 00010246 \n[ +0.000006] RAX: 00000000000003e8 RBX: ffff9ac65c1f6e00 RCX: ffff9ac65d055500 \n[ +0.000003] RDX: 0000000000000000 RSI: ffffa8df0de6b8b0 RDI: ffffa8df0de6b8b4 \n[ +0.000004] RBP: ffff9ac64e7a5800 R08: 0000000000000000 R09: 0000000000000a00 \n[ +0.000003] R10: 00000000000000ff R11: 0000000000000054 R12: ffff9ac6d0700010 \n[ +0.000003] R13: ffff9ac65d054f00 R14: ffff9ac65d055500 R15: ffff9ac64e7a60a0 \n[ +0.000004] FS: 00007f869ea00640(0000) GS:ffff9ac970080000(0000) knlGS:0000000000000000 \n[ +0.000004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \n[ +0.000003] CR2: 000055ca701becd0 CR3: 000000010e7f2000 CR4: 0000000000350ef0 \n[ +0.000004] Call Trace: \n[ +0.000007] \n[ +0.000006] ? __die_body.cold+0x19/0x27 \n[ +0.000009] ? die+0x2e/0x50 \n[ +0.000007] ? do_trap+0xca/0x110 \n[ +0.000007] ? do_error_trap+0x6a/0x90 \n[ +0.000006] ? dm_get_plane_scale+0x3f/0x60 [amdgpu] \n[ +0.000504] ? exc_divide_error+0x38/0x50 \n[ +0.000005] ? dm_get_plane_scale+0x3f/0x60 [amdgpu] \n[ +0.000488] ? asm_exc_divide_error+0x1a/0x20 \n[ +0.000011] ? dm_get_plane_scale+0x3f/0x60 [amdgpu] \n[ +0.000593] dm_crtc_get_cursor_mode+0x33f/0x430 [amdgpu] \n[ +0.000562] amdgpu_dm_atomic_check+0x2ef/0x1770 [amdgpu] \n[ +0.000501] drm_atomic_check_only+0x5e1/0xa30 [drm] \n[ +0.000047] drm_mode_atomic_ioctl+0x832/0xcb0 [drm] \n[ +0.000050] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [drm] \n[ +0.000047] drm_ioctl_kernel+0xb3/0x100 [drm] \n[ +0.000062] drm_ioctl+0x27a/0x4f0 [drm] \n[ +0.000049] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [drm] \n[ +0.000055] amdgpu_drm_ioctl+0x4e/0x90 [amdgpu] \n[ +0.000360] __x64_sys_ioctl+0x97/0xd0 \n[ +0.000010] do_syscall_64+0x82/0x190 \n[ +0.000008] ? __pfx_drm_mode_createblob_ioctl+0x10/0x10 [drm] \n[ +0.000044] ? srso_return_thunk+0x5/0x5f \n[ +0.000006] ? drm_ioctl_kernel+0xb3/0x100 [drm] \n[ +0.000040] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? __check_object_size+0x50/0x220 \n[ +0.000007] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? drm_ioctl+0x2a4/0x4f0 [drm] \n[ +0.000039] ? __pfx_drm_mode_createblob_ioctl+0x10/0x10 [drm] \n[ +0.000043] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? __pm_runtime_suspend+0x69/0xc0 \n[ +0.000006] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? amdgpu_drm_ioctl+0x71/0x90 [amdgpu] \n[ +0.000366] ? srso_return_thunk+0x5/0x5f \n[ +0.000006] ? syscall_exit_to_user_mode+0x77/0x210 \n[ +0.000007] ? srso_return_thunk+0x5/0x5f \n[ +0.000005] ? do_syscall_64+0x8e/0x190 \n[ +0.000006] ? srso_return_thunk+0x5/0x5f \n[ +0.000006] ? do_syscall_64+0x8e/0x190 \n[ +0.00[...]", "creation_timestamp": "2025-01-19T13:58:28.000000Z"}, {"uuid": "591fcde6-3957-486d-81f0-ca98a11f0334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57910", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shjxiii2e", "content": "", "creation_timestamp": "2025-01-19T12:15:54.930332Z"}, {"uuid": "89d5dd83-0729-4979-92ea-d0cea21c1fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57911", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shmqcky2b", "content": "", "creation_timestamp": "2025-01-19T12:15:57.943001Z"}, {"uuid": "80bdeee4-f72d-4c62-b196-66046cf864df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57912", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shpf7ma2f", "content": "", "creation_timestamp": "2025-01-19T12:16:01.155129Z"}, {"uuid": "30d62ecd-a929-4203-8e18-50f469888b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57913", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shrgeh42j", "content": "", "creation_timestamp": "2025-01-19T12:16:02.834587Z"}, {"uuid": "f237a6e3-2cac-448b-8fd9-ff07f53f5ebd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57914", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shtos742p", "content": "", "creation_timestamp": "2025-01-19T12:16:05.364808Z"}, {"uuid": "02ecf9b9-6282-4551-85d4-035de02e3fee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57915", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shvrocj2s", "content": "", "creation_timestamp": "2025-01-19T12:16:07.492204Z"}, {"uuid": "f1c83b75-3d85-4751-8adf-d015a504ab09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57916", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3shygigy2f", "content": "", "creation_timestamp": "2025-01-19T12:16:10.138384Z"}, {"uuid": "03412b26-af1f-4e8b-b44c-def528d98529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57917", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3si2kl2t2t", "content": "", "creation_timestamp": "2025-01-19T12:16:12.481346Z"}, {"uuid": "cb8f5c6a-dbad-4faf-83eb-98f6c8333fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57918", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3si4nugl2n", "content": "", "creation_timestamp": "2025-01-19T12:16:14.647153Z"}, {"uuid": "a2f8456d-19d8-4f2d-beb8-ec17cc6161f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57919", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3si6v2mv2f", "content": "", "creation_timestamp": "2025-01-19T12:16:16.963610Z"}, {"uuid": "3717e4df-13c1-4cc8-81d6-a5696e7ccfcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57918", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113855034400687613", "content": "", "creation_timestamp": "2025-01-19T12:32:34.034639Z"}, {"uuid": "b529c511-7e13-466d-923c-af31f28c8f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57913", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg3ulnxynh2g", "content": "", "creation_timestamp": "2025-01-19T12:54:01.175174Z"}, {"uuid": "98d5f589-fa4f-4abe-90a1-d5a6848579c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57911", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg3und5ge62q", "content": "", "creation_timestamp": "2025-01-19T12:54:56.611041Z"}, {"uuid": "a84924a5-03e6-4e65-a0e6-b0fdc9c83ecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57912", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg3undtvo42u", "content": "", "creation_timestamp": "2025-01-19T12:54:58.564267Z"}, {"uuid": "f2384592-70a3-40a9-89ad-6efa5cb4272b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57910", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg3undy7pt2e", "content": "", "creation_timestamp": "2025-01-19T12:54:59.187368Z"}, {"uuid": "ab6411dd-7330-4cac-9a70-04b559d6a4e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57915", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg3unedqlx2g", "content": "", "creation_timestamp": "2025-01-19T12:55:00.833600Z"}]}