[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-26597":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":63,"related":64,"reserved_at":9,"published_at":70,"modified_at":71,"state":72,"summary":73,"references_raw":82,"kevs":126,"epss":127,"epss_history":130,"metrics":375,"affected":381},"CVE-2024-26597","In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qualcomm: rmnet: fix global oob in rmnet_policy\n\nThe variable rmnet_link_ops assign a *bigger* maxtype which leads to a\nglobal out-of-bounds read when parsing the netlink attributes. See bug\ntrace below:\n\n==================================================================\nBUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:386 [inline]\nBUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600\nRead of size 1 at addr ffffffff92c438d0 by task syz-executor.6/84207\n\nCPU: 0 PID: 84207 Comm: syz-executor.6 Tainted: G                 N 6.1.0 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n \u003CTASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8b/0xb3 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x172/0x475 mm/kasan/report.c:395\n kasan_report+0xbb/0x1c0 mm/kasan/report.c:495\n validate_nla lib/nlattr.c:386 [inline]\n __nla_validate_parse+0x24af/0x2750 lib/nlattr.c:600\n __nla_parse+0x3e/0x50 lib/nlattr.c:697\n nla_parse_nested_deprecated include/net/netlink.h:1248 [inline]\n __rtnl_newlink+0x50a/0x1880 net/core/rtnetlink.c:3485\n rtnl_newlink+0x64/0xa0 net/core/rtnetlink.c:3594\n rtnetlink_rcv_msg+0x43c/0xd70 net/core/rtnetlink.c:6091\n netlink_rcv_skb+0x14f/0x410 net/netlink/af_netlink.c:2540\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x54e/0x800 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x930/0xe50 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0x154/0x190 net/socket.c:734\n ____sys_sendmsg+0x6df/0x840 net/socket.c:2482\n ___sys_sendmsg+0x110/0x1b0 net/socket.c:2536\n __sys_sendmsg+0xf3/0x1c0 net/socket.c:2565\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3b/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fdcf2072359\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003C48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fdcf13e3168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007fdcf219ff80 RCX: 00007fdcf2072359\nRDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003\nRBP: 00007fdcf20bd493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fffbb8d7bdf R14: 00007fdcf13e3300 R15: 0000000000022000\n \u003C/TASK>\n\nThe buggy address belongs to the variable:\n rmnet_policy+0x30/0xe0\n\nThe buggy address belongs to the physical page:\npage:0000000065bdeb3c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x155243\nflags: 0x200000000001000(reserved|node=0|zone=2)\nraw: 0200000000001000 ffffea00055490c8 ffffea00055490c8 0000000000000000\nraw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffffffff92c43780: f9 f9 f9 f9 00 00 00 02 f9 f9 f9 f9 00 00 00 07\n ffffffff92c43800: f9 f9 f9 f9 00 00 00 05 f9 f9 f9 f9 06 f9 f9 f9\n>ffffffff92c43880: f9 f9 f9 f9 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9\n                                                 ^\n ffffffff92c43900: 00 00 00 00 00 00 00 00 07 f9 f9 f9 f9 f9 f9 f9\n ffffffff92c43980: 00 00 00 07 f9 f9 f9 f9 00 00 00 05 f9 f9 f9 f9\n\nAccording to the comment of `nla_parse_nested_deprecated`, the maxtype\nshould be len(destination array) - 1. Hence use `IFLA_RMNET_MAX` here.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61],{"_key":28},"SUSE-SU-2024:2008-1",{"_key":30},"SUSE-SU-2024:2019-1",{"_key":32},"SUSE-SU-2024:2190-1",{"_key":34},"DLA-3840-1",{"_key":36},"DLA-3841-1",{"_key":38},"DEBIAN-CVE-2024-26597",{"_key":40},"LSN-0103-1",{"_key":42},"LSN-0104-1",{"_key":44},"UBUNTU-CVE-2024-26597",{"_key":46},"USN-6726-1",{"_key":48},"USN-6726-2",{"_key":50},"USN-6726-3",{"_key":52},"USN-6688-1",{"_key":54},"USN-6707-1",{"_key":56},"USN-6707-3",{"_key":58},"USN-6707-4",{"_key":60},"USN-6725-1",{"_key":62},"USN-6725-2",[],[65,67,68,69],{"_key":66},"USN-6707-2",{"_key":28},{"_key":30},{"_key":32},"2024-02-23T14:46:26.042Z","2026-05-11T20:00:29.906Z","Modified",{"cisa_kev":74,"cisa_ransomware":74,"cisa_vendor":9,"epss_severity":75,"epss_score":76,"severity":77,"severity_score":78,"severity_version":79,"severity_source":80,"severity_vector":81,"severity_status":72},false,"low",0.00012,"high",7.1,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",[83,89,93,97,101,105,109,113,117,122],{"url":84,"sources":85,"tags":87},"https://git.kernel.org/stable/c/093dab655808207f7a9f54cf156240aeafc70590",[86,80],"cve.org",[88],"Patch",{"url":90,"sources":91,"tags":92},"https://git.kernel.org/stable/c/02467ab8b404d80429107588e0f3425cf5fcd2e5",[86,80],[88],{"url":94,"sources":95,"tags":96},"https://git.kernel.org/stable/c/2295c22348faf795e1ccdf618f6eb7afdb2f7447",[86,80],[88],{"url":98,"sources":99,"tags":100},"https://git.kernel.org/stable/c/3b5254862258b595662a0ccca6e9eeb88d6e7468",[86,80],[88],{"url":102,"sources":103,"tags":104},"https://git.kernel.org/stable/c/ee1dc3bf86f2df777038506b139371a9add02534",[86,80],[88],{"url":106,"sources":107,"tags":108},"https://git.kernel.org/stable/c/c4734535034672f59f2652e1e0058c490da62a5c",[86,80],[88],{"url":110,"sources":111,"tags":112},"https://git.kernel.org/stable/c/17d06a5c44d8fd2e8e61bac295b09153496f87e1",[86,80],[88],{"url":114,"sources":115,"tags":116},"https://git.kernel.org/stable/c/b33fb5b801c6db408b774a68e7c8722796b59ecc",[86,80],[88],{"url":118,"sources":119,"tags":120},"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html",[86,80],[121],"X Transferred",{"url":123,"sources":124,"tags":125},"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",[86,80],[121],[],{"date":128,"score":76,"percentile":129},"2026-06-03",0.01671,[131,134,137,140,143,146,148,151,154,156,159,162,165,167,170,174,177,180,183,186,189,192,195,198,201,204,207,210,212,215,218,220,222,225,227,230,233,236,239,242,244,247,250,252,254,257,259,261,264,267,270,272,275,277,279,282,284,286,288,290,292,295,297,299,302,304,306,309,312,314,317,320,322,325,328,331,334,337,340,343,346,349,352,355,358,360,363,366,369,372],{"date":132,"score":76,"percentile":133},"2025-11-04",0.011,{"date":135,"score":76,"percentile":136},"2025-11-05",0.01115,{"date":138,"score":76,"percentile":139},"2025-11-06",0.01125,{"date":141,"score":76,"percentile":142},"2025-11-07",0.01128,{"date":144,"score":76,"percentile":145},"2025-11-08",0.0113,{"date":147,"score":76,"percentile":145},"2025-11-09",{"date":149,"score":76,"percentile":150},"2025-11-10",0.0112,{"date":152,"score":76,"percentile":153},"2025-11-11",0.01123,{"date":155,"score":76,"percentile":153},"2025-11-12",{"date":157,"score":76,"percentile":158},"2025-11-13",0.01127,{"date":160,"score":76,"percentile":161},"2025-11-14",0.01142,{"date":163,"score":76,"percentile":164},"2025-11-15",0.01158,{"date":166,"score":76,"percentile":164},"2025-11-16",{"date":168,"score":76,"percentile":169},"2025-11-17",0.01151,{"date":171,"score":172,"percentile":173},"2025-11-18",0.00087,0.21153,{"date":175,"score":172,"percentile":176},"2025-11-19",0.21162,{"date":178,"score":172,"percentile":179},"2025-11-20",0.21135,{"date":181,"score":76,"percentile":182},"2025-11-21",0.01201,{"date":184,"score":76,"percentile":185},"2025-11-22",0.01196,{"date":187,"score":76,"percentile":188},"2025-11-23",0.01187,{"date":190,"score":76,"percentile":191},"2025-11-24",0.0118,{"date":193,"score":76,"percentile":194},"2025-11-25",0.01173,{"date":196,"score":76,"percentile":197},"2025-11-26",0.01108,{"date":199,"score":76,"percentile":200},"2025-11-27",0.01106,{"date":202,"score":76,"percentile":203},"2025-11-28",0.01113,{"date":205,"score":76,"percentile":206},"2025-11-29",0.01147,{"date":208,"score":76,"percentile":209},"2025-11-30",0.01156,{"date":211,"score":76,"percentile":188},"2025-12-01",{"date":213,"score":76,"percentile":214},"2025-12-02",0.01181,{"date":216,"score":76,"percentile":217},"2025-12-03",0.01186,{"date":219,"score":76,"percentile":164},"2025-12-04",{"date":221,"score":76,"percentile":194},"2025-12-05",{"date":223,"score":76,"percentile":224},"2025-12-06",0.01174,{"date":226,"score":76,"percentile":224},"2025-12-07",{"date":228,"score":76,"percentile":229},"2025-12-08",0.01177,{"date":231,"score":76,"percentile":232},"2025-12-09",0.0119,{"date":234,"score":76,"percentile":235},"2025-12-10",0.01204,{"date":237,"score":76,"percentile":238},"2025-12-11",0.01195,{"date":240,"score":76,"percentile":241},"2025-12-12",0.01193,{"date":243,"score":76,"percentile":214},"2025-12-13",{"date":245,"score":76,"percentile":246},"2025-12-14",0.01178,{"date":248,"score":76,"percentile":249},"2025-12-15",0.01175,{"date":251,"score":76,"percentile":246},"2025-12-16",{"date":253,"score":76,"percentile":246},"2025-12-17",{"date":255,"score":76,"percentile":256},"2025-12-18",0.01169,{"date":258,"score":76,"percentile":224},"2025-12-19",{"date":260,"score":76,"percentile":194},"2025-12-20",{"date":262,"score":76,"percentile":263},"2025-12-21",0.01182,{"date":265,"score":76,"percentile":266},"2025-12-22",0.01184,{"date":268,"score":76,"percentile":269},"2025-12-23",0.01183,{"date":271,"score":76,"percentile":188},"2025-12-24",{"date":273,"score":76,"percentile":274},"2025-12-25",0.01191,{"date":276,"score":76,"percentile":241},"2025-12-26",{"date":278,"score":76,"percentile":232},"2025-12-27",{"date":280,"score":76,"percentile":281},"2025-12-28",0.01189,{"date":283,"score":76,"percentile":263},"2025-12-29",{"date":285,"score":76,"percentile":246},"2025-12-30",{"date":287,"score":76,"percentile":229},"2025-12-31",{"date":289,"score":76,"percentile":235},"2026-01-01",{"date":291,"score":76,"percentile":182},"2026-01-02",{"date":293,"score":76,"percentile":294},"2026-01-03",0.01203,{"date":296,"score":76,"percentile":256},"2026-01-04",{"date":298,"score":76,"percentile":229},"2026-01-05",{"date":300,"score":76,"percentile":301},"2026-01-06",0.01172,{"date":303,"score":76,"percentile":224},"2026-01-07",{"date":305,"score":76,"percentile":269},"2026-01-08",{"date":307,"score":76,"percentile":308},"2026-01-09",0.012,{"date":310,"score":76,"percentile":311},"2026-01-10",0.01206,{"date":313,"score":76,"percentile":294},"2026-01-11",{"date":315,"score":76,"percentile":316},"2026-01-12",0.01209,{"date":318,"score":76,"percentile":319},"2026-01-13",0.01205,{"date":321,"score":76,"percentile":294},"2026-01-14",{"date":323,"score":76,"percentile":324},"2026-01-15",0.01216,{"date":326,"score":76,"percentile":327},"2026-01-16",0.01221,{"date":329,"score":76,"percentile":330},"2026-01-17",0.01223,{"date":332,"score":76,"percentile":333},"2026-01-18",0.01236,{"date":335,"score":76,"percentile":336},"2026-01-19",0.01232,{"date":338,"score":76,"percentile":339},"2026-01-20",0.01219,{"date":341,"score":76,"percentile":342},"2026-01-21",0.01217,{"date":344,"score":76,"percentile":345},"2026-01-22",0.01218,{"date":347,"score":76,"percentile":348},"2026-01-23",0.0123,{"date":350,"score":76,"percentile":351},"2026-01-24",0.01234,{"date":353,"score":76,"percentile":354},"2026-01-25",0.01233,{"date":356,"score":76,"percentile":357},"2026-01-26",0.01231,{"date":359,"score":76,"percentile":327},"2026-01-27",{"date":361,"score":76,"percentile":362},"2026-01-28",0.0122,{"date":364,"score":76,"percentile":365},"2026-01-29",0.01226,{"date":367,"score":76,"percentile":368},"2026-01-30",0.01227,{"date":370,"score":76,"percentile":371},"2026-01-31",0.01243,{"date":373,"score":76,"percentile":374},"2026-02-01",0.01268,[376],{"source":80,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":377,"cvss_v4_0":9},{"baseScore":78,"baseSeverity":378,"vectorString":81,"impactScore":379,"exploitabilityScore":380},"HIGH",8.7,4.6,[382,417],{"ecosystem":9,"name":383,"vendor":384,"product":384,"cpe_part":385,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":386},"Linux","linux","a",[387,394,397,400,403,406,409,412,415],{"version":388,"is_range":389,"range_type":86,"version_start":390,"version_start_type":391,"version_end":392,"version_end_type":393,"fixed_in":9},">= 14452ca3b5ce304fb2fea96dbc9ca1e4e7978551, \u003C 093dab655808207f7a9f54cf156240aeafc70590",true,"14452ca3b5ce304fb2fea96dbc9ca1e4e7978551","including","093dab655808207f7a9f54cf156240aeafc70590","excluding",{"version":395,"is_range":389,"range_type":86,"version_start":390,"version_start_type":391,"version_end":396,"version_end_type":393,"fixed_in":9},">= 14452ca3b5ce304fb2fea96dbc9ca1e4e7978551, \u003C 02467ab8b404d80429107588e0f3425cf5fcd2e5","02467ab8b404d80429107588e0f3425cf5fcd2e5",{"version":398,"is_range":389,"range_type":86,"version_start":390,"version_start_type":391,"version_end":399,"version_end_type":393,"fixed_in":9},">= 14452ca3b5ce304fb2fea96dbc9ca1e4e7978551, \u003C 2295c22348faf795e1ccdf618f6eb7afdb2f7447","2295c22348faf795e1ccdf618f6eb7afdb2f7447",{"version":401,"is_range":389,"range_type":86,"version_start":390,"version_start_type":391,"version_end":402,"version_end_type":393,"fixed_in":9},">= 14452ca3b5ce304fb2fea96dbc9ca1e4e7978551, \u003C 3b5254862258b595662a0ccca6e9eeb88d6e7468","3b5254862258b595662a0ccca6e9eeb88d6e7468",{"version":404,"is_range":389,"range_type":86,"version_start":390,"version_start_type":391,"version_end":405,"version_end_type":393,"fixed_in":9},">= 14452ca3b5ce304fb2fea96dbc9ca1e4e7978551, \u003C ee1dc3bf86f2df777038506b139371a9add02534","ee1dc3bf86f2df777038506b139371a9add02534",{"version":407,"is_range":389,"range_type":86,"version_start":390,"version_start_type":391,"version_end":408,"version_end_type":393,"fixed_in":9},">= 14452ca3b5ce304fb2fea96dbc9ca1e4e7978551, \u003C c4734535034672f59f2652e1e0058c490da62a5c","c4734535034672f59f2652e1e0058c490da62a5c",{"version":410,"is_range":389,"range_type":86,"version_start":390,"version_start_type":391,"version_end":411,"version_end_type":393,"fixed_in":9},">= 14452ca3b5ce304fb2fea96dbc9ca1e4e7978551, \u003C 17d06a5c44d8fd2e8e61bac295b09153496f87e1","17d06a5c44d8fd2e8e61bac295b09153496f87e1",{"version":413,"is_range":389,"range_type":86,"version_start":390,"version_start_type":391,"version_end":414,"version_end_type":393,"fixed_in":9},">= 14452ca3b5ce304fb2fea96dbc9ca1e4e7978551, \u003C b33fb5b801c6db408b774a68e7c8722796b59ecc","b33fb5b801c6db408b774a68e7c8722796b59ecc",{"version":416,"is_range":74,"range_type":86,"version_start":416,"version_start_type":391,"version_end":416,"version_end_type":391,"fixed_in":9},"4.17",{"ecosystem":9,"name":418,"vendor":384,"product":419,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"linux kernel","linux_kernel","o",[422,427,431,435,439,443,447],{"version":423,"is_range":389,"range_type":424,"version_start":425,"version_start_type":391,"version_end":426,"version_end_type":393,"fixed_in":9},"gte4.17.0_lt4.19.306","cpe","4.17.0","4.19.306",{"version":428,"is_range":389,"range_type":424,"version_start":429,"version_start_type":391,"version_end":430,"version_end_type":393,"fixed_in":9},"gte4.20.0_lt5.4.268","4.20.0","5.4.268",{"version":432,"is_range":389,"range_type":424,"version_start":433,"version_start_type":391,"version_end":434,"version_end_type":393,"fixed_in":9},"gte5.5.0_lt5.10.209","5.5.0","5.10.209",{"version":436,"is_range":389,"range_type":424,"version_start":437,"version_start_type":391,"version_end":438,"version_end_type":393,"fixed_in":9},"gte5.11.0_lt5.15.148","5.11.0","5.15.148",{"version":440,"is_range":389,"range_type":424,"version_start":441,"version_start_type":391,"version_end":442,"version_end_type":393,"fixed_in":9},"gte5.16.0_lt6.1.75","5.16.0","6.1.75",{"version":444,"is_range":389,"range_type":424,"version_start":445,"version_start_type":391,"version_end":446,"version_end_type":393,"fixed_in":9},"gte6.2.0_lt6.6.14","6.2.0","6.6.14",{"version":448,"is_range":389,"range_type":424,"version_start":449,"version_start_type":391,"version_end":450,"version_end_type":393,"fixed_in":9},"gte6.7.0_lt6.7.2","6.7.0","6.7.2"]