[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-35896":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":123,"related":124,"reserved_at":9,"published_at":136,"modified_at":137,"state":138,"summary":139,"references_raw":148,"kevs":189,"epss":190,"epss_history":193,"metrics":439,"affected":445},"CVE-2024-35896","In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: validate user input for expected length\n\nI got multiple syzbot reports showing old bugs exposed\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\nin cgroup/{s,g}etsockopt\")\n\nsetsockopt() @optlen argument should be taken into account\nbefore copying data.\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n BUG: KASAN: slab-out-of-bounds in do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\nRead of size 96 at addr ffff88802cd73da0 by task syz-executor.4/7238\n\nCPU: 1 PID: 7238 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003CTASK>\n  __dump_stack lib/dump_stack.c:88 [inline]\n  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n  print_address_description mm/kasan/report.c:377 [inline]\n  print_report+0x169/0x550 mm/kasan/report.c:488\n  kasan_report+0x143/0x180 mm/kasan/report.c:601\n  kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n  __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n  copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n  copy_from_sockptr include/linux/sockptr.h:55 [inline]\n  do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n  do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\n  nf_setsockopt+0x295/0x2c0 net/netfilter/nf_sockopt.c:101\n  do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n  __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n  __do_sys_setsockopt net/socket.c:2343 [inline]\n  __se_sys_setsockopt net/socket.c:2340 [inline]\n  __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\nRIP: 0033:0x7fd22067dde9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003C48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd21f9ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fd2207abf80 RCX: 00007fd22067dde9\nRDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007fd2206ca47a R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fd2207abf80 R15: 00007ffd2d0170d8\n \u003C/TASK>\n\nAllocated by task 7238:\n  kasan_save_stack mm/kasan/common.c:47 [inline]\n  kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n  poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n  __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n  kasan_kmalloc include/linux/kasan.h:211 [inline]\n  __do_kmalloc_node mm/slub.c:4069 [inline]\n  __kmalloc_noprof+0x200/0x410 mm/slub.c:4082\n  kmalloc_noprof include/linux/slab.h:664 [inline]\n  __cgroup_bpf_run_filter_setsockopt+0xd47/0x1050 kernel/bpf/cgroup.c:1869\n  do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n  __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n  __do_sys_setsockopt net/socket.c:2343 [inline]\n  __se_sys_setsockopt net/socket.c:2340 [inline]\n  __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\n\nThe buggy address belongs to the object at ffff88802cd73da0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes inside of\n allocated 1-byte region [ffff88802cd73da0, ffff88802cd73da1)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802cd73020 pfn:0x2cd73\nflags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)\npage_type: 0xffffefff(slab)\nraw: 00fff80000000000 ffff888015041280 dead000000000100 dead000000000122\nraw: ffff88802cd73020 000000008080007f 00000001ffffefff 00\n---truncated---",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113,115,117,119,121],{"_key":28},"SUSE-SU-2024:2571-1",{"_key":30},"SUSE-SU-2024:2360-1",{"_key":32},"SUSE-SU-2024:2381-1",{"_key":34},"SUSE-SU-2024:2561-1",{"_key":36},"SUSE-SU-2024:2372-1",{"_key":38},"SUSE-SU-2024:2394-1",{"_key":40},"SUSE-SU-2024:2896-1",{"_key":42},"SUSE-SU-2024:2939-1",{"_key":44},"SUSE-SU-2024:2973-1",{"_key":46},"DLA-3842-1",{"_key":48},"SUSE-SU-2025:20008-1",{"_key":50},"SUSE-SU-2025:20028-1",{"_key":52},"DEBIAN-CVE-2024-35896",{"_key":54},"RHSA-2024:5101",{"_key":56},"RHSA-2024:5102",{"_key":58},"RHSA-2024:5928",{"_key":60},"RHSA-2024:5066",{"_key":62},"RHSA-2024:5067",{"_key":64},"UBUNTU-CVE-2024-35896",{"_key":66},"USN-7332-1",{"_key":68},"USN-7332-2",{"_key":70},"USN-7332-3",{"_key":72},"USN-7342-1",{"_key":74},"USN-7344-1",{"_key":76},"USN-7344-2",{"_key":78},"USN-6893-1",{"_key":80},"USN-6893-2",{"_key":82},"USN-6893-3",{"_key":84},"USN-6898-1",{"_key":86},"USN-6898-2",{"_key":88},"USN-6898-3",{"_key":90},"USN-6898-4",{"_key":92},"USN-6917-1",{"_key":94},"USN-6918-1",{"_key":96},"USN-6919-1",{"_key":98},"USN-6927-1",{"_key":100},"USN-7019-1",{"_key":102},"USN-7293-1",{"_key":104},"USN-7294-1",{"_key":106},"USN-7294-2",{"_key":108},"USN-7294-3",{"_key":110},"USN-7294-4",{"_key":112},"USN-7295-1",{"_key":114},"USN-7393-1",{"_key":116},"USN-7401-1",{"_key":118},"USN-7413-1",{"_key":120},"USN-7539-1",{"_key":122},"USN-7540-1",[],[125,126,127,128,129,130,131,132,133,134,135],{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":48},{"_key":50},"2024-05-19T08:34:51.034Z","2026-05-12T11:52:31.965Z","Modified",{"cisa_kev":140,"cisa_ransomware":140,"cisa_vendor":9,"epss_severity":141,"epss_score":142,"severity":143,"severity_score":144,"severity_version":145,"severity_source":146,"severity_vector":147,"severity_status":138},false,"low",0.0002,"high",7.1,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",[149,155,159,163,167,171,175,181,185],{"url":150,"sources":151,"tags":153},"https://git.kernel.org/stable/c/0f038242b77ddfc505bf4163d4904c1abd2e74d6",[152,146],"cve.org",[154],"Patch",{"url":156,"sources":157,"tags":158},"https://git.kernel.org/stable/c/440e948cf0eff32cfe322dcbca3f2525354b159b",[152,146],[154],{"url":160,"sources":161,"tags":162},"https://git.kernel.org/stable/c/18aae2cb87e5faa9c5bd865260ceadac60d5a6c5",[152,146],[154],{"url":164,"sources":165,"tags":166},"https://git.kernel.org/stable/c/81d51b9b7c95e791ba3c1a2dd77920a9d3b3f525",[152,146],[154],{"url":168,"sources":169,"tags":170},"https://git.kernel.org/stable/c/58f2bfb789e6bd3bc24a2c9c1580f3c67aec3018",[152,146],[154],{"url":172,"sources":173,"tags":174},"https://git.kernel.org/stable/c/0c83842df40f86e529db6842231154772c20edcc",[152,146],[154],{"url":176,"sources":177,"tags":178},"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",[152,146],[179,180],"X Transferred","Mailing List",{"url":182,"sources":183,"tags":184},"https://security.netapp.com/advisory/ntap-20250321-0004/",[152,146],[],{"url":186,"sources":187,"tags":188},"https://cert-portal.siemens.com/productcert/html/ssa-265688.html",[152,146],[],[],{"date":191,"score":142,"percentile":192},"2026-06-04",0.05813,[194,198,201,204,207,210,213,216,219,222,225,228,231,233,236,240,243,246,249,252,255,258,261,264,267,270,273,276,279,281,283,286,289,292,294,297,300,303,306,308,311,314,316,318,320,323,325,327,330,333,335,338,340,342,345,348,351,353,355,358,361,364,367,369,371,373,376,379,382,384,387,389,391,394,397,400,403,406,409,412,414,417,419,421,423,425,427,430,433,436],{"date":195,"score":196,"percentile":197},"2025-11-04",0.00012,0.0106,{"date":199,"score":196,"percentile":200},"2025-11-05",0.01075,{"date":202,"score":196,"percentile":203},"2025-11-06",0.01086,{"date":205,"score":196,"percentile":206},"2025-11-07",0.01088,{"date":208,"score":196,"percentile":209},"2025-11-08",0.0109,{"date":211,"score":196,"percentile":212},"2025-11-09",0.01089,{"date":214,"score":196,"percentile":215},"2025-11-10",0.0108,{"date":217,"score":196,"percentile":218},"2025-11-11",0.01083,{"date":220,"score":196,"percentile":221},"2025-11-12",0.01082,{"date":223,"score":196,"percentile":224},"2025-11-13",0.01085,{"date":226,"score":196,"percentile":227},"2025-11-14",0.011,{"date":229,"score":196,"percentile":230},"2025-11-15",0.01115,{"date":232,"score":196,"percentile":230},"2025-11-16",{"date":234,"score":196,"percentile":235},"2025-11-17",0.01108,{"date":237,"score":238,"percentile":239},"2025-11-18",0.00079,0.1964,{"date":241,"score":238,"percentile":242},"2025-11-19",0.19659,{"date":244,"score":238,"percentile":245},"2025-11-20",0.19642,{"date":247,"score":196,"percentile":248},"2025-11-21",0.01158,{"date":250,"score":196,"percentile":251},"2025-11-22",0.01155,{"date":253,"score":196,"percentile":254},"2025-11-23",0.01146,{"date":256,"score":196,"percentile":257},"2025-11-24",0.01141,{"date":259,"score":196,"percentile":260},"2025-11-25",0.01133,{"date":262,"score":196,"percentile":263},"2025-11-26",0.01068,{"date":265,"score":196,"percentile":266},"2025-11-27",0.01066,{"date":268,"score":196,"percentile":269},"2025-11-28",0.01072,{"date":271,"score":196,"percentile":272},"2025-11-29",0.01105,{"date":274,"score":196,"percentile":275},"2025-11-30",0.01112,{"date":277,"score":196,"percentile":278},"2025-12-01",0.01147,{"date":280,"score":196,"percentile":257},"2025-12-02",{"date":282,"score":196,"percentile":254},"2025-12-03",{"date":284,"score":196,"percentile":285},"2025-12-04",0.01116,{"date":287,"score":196,"percentile":288},"2025-12-05",0.01128,{"date":290,"score":196,"percentile":291},"2025-12-06",0.01129,{"date":293,"score":196,"percentile":291},"2025-12-07",{"date":295,"score":196,"percentile":296},"2025-12-08",0.01132,{"date":298,"score":196,"percentile":299},"2025-12-09",0.01145,{"date":301,"score":196,"percentile":302},"2025-12-10",0.01157,{"date":304,"score":196,"percentile":305},"2025-12-11",0.01149,{"date":307,"score":196,"percentile":254},"2025-12-12",{"date":309,"score":196,"percentile":310},"2025-12-13",0.01135,{"date":312,"score":196,"percentile":313},"2025-12-14",0.01131,{"date":315,"score":196,"percentile":288},"2025-12-15",{"date":317,"score":196,"percentile":296},"2025-12-16",{"date":319,"score":196,"percentile":260},"2025-12-17",{"date":321,"score":196,"percentile":322},"2025-12-18",0.01126,{"date":324,"score":196,"percentile":313},"2025-12-19",{"date":326,"score":196,"percentile":291},"2025-12-20",{"date":328,"score":196,"percentile":329},"2025-12-21",0.01138,{"date":331,"score":196,"percentile":332},"2025-12-22",0.01139,{"date":334,"score":196,"percentile":329},"2025-12-23",{"date":336,"score":196,"percentile":337},"2025-12-24",0.0114,{"date":339,"score":196,"percentile":299},"2025-12-25",{"date":341,"score":196,"percentile":278},"2025-12-26",{"date":343,"score":196,"percentile":344},"2025-12-27",0.01148,{"date":346,"score":196,"percentile":347},"2025-12-28",0.01143,{"date":349,"score":196,"percentile":350},"2025-12-29",0.01136,{"date":352,"score":196,"percentile":296},"2025-12-30",{"date":354,"score":196,"percentile":296},"2025-12-31",{"date":356,"score":196,"percentile":357},"2026-01-01",0.0116,{"date":359,"score":196,"percentile":360},"2026-01-02",0.01156,{"date":362,"score":196,"percentile":363},"2026-01-03",0.01159,{"date":365,"score":196,"percentile":366},"2026-01-04",0.01123,{"date":368,"score":196,"percentile":291},"2026-01-05",{"date":370,"score":196,"percentile":322},"2026-01-06",{"date":372,"score":196,"percentile":322},"2026-01-07",{"date":374,"score":196,"percentile":375},"2026-01-08",0.01137,{"date":377,"score":196,"percentile":378},"2026-01-09",0.01154,{"date":380,"score":196,"percentile":381},"2026-01-10",0.01162,{"date":383,"score":196,"percentile":363},"2026-01-11",{"date":385,"score":196,"percentile":386},"2026-01-12",0.01165,{"date":388,"score":196,"percentile":381},"2026-01-13",{"date":390,"score":196,"percentile":363},"2026-01-14",{"date":392,"score":196,"percentile":393},"2026-01-15",0.01173,{"date":395,"score":196,"percentile":396},"2026-01-16",0.01177,{"date":398,"score":196,"percentile":399},"2026-01-17",0.01179,{"date":401,"score":196,"percentile":402},"2026-01-18",0.01192,{"date":404,"score":196,"percentile":405},"2026-01-19",0.01189,{"date":407,"score":196,"percentile":408},"2026-01-20",0.01174,{"date":410,"score":196,"percentile":411},"2026-01-21",0.01171,{"date":413,"score":196,"percentile":393},"2026-01-22",{"date":415,"score":196,"percentile":416},"2026-01-23",0.01188,{"date":418,"score":196,"percentile":405},"2026-01-24",{"date":420,"score":196,"percentile":405},"2026-01-25",{"date":422,"score":196,"percentile":416},"2026-01-26",{"date":424,"score":196,"percentile":399},"2026-01-27",{"date":426,"score":196,"percentile":396},"2026-01-28",{"date":428,"score":196,"percentile":429},"2026-01-29",0.01183,{"date":431,"score":196,"percentile":432},"2026-01-30",0.01185,{"date":434,"score":196,"percentile":435},"2026-01-31",0.01202,{"date":437,"score":196,"percentile":438},"2026-02-01",0.01232,[440],{"source":146,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":441,"cvss_v4_0":9},{"baseScore":144,"baseSeverity":442,"vectorString":147,"impactScore":443,"exploitabilityScore":444},"HIGH",8.7,4.6,[446,455,484],{"ecosystem":9,"name":447,"vendor":448,"product":449,"cpe_part":450,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":451},"debian linux","debian","debian_linux","o",[452],{"version":453,"is_range":140,"range_type":454,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":456,"vendor":457,"product":457,"cpe_part":458,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":459},"Linux","linux","a",[460,467,470,473,476,479,482],{"version":461,"is_range":462,"range_type":152,"version_start":463,"version_start_type":464,"version_end":465,"version_end_type":466,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 0f038242b77ddfc505bf4163d4904c1abd2e74d6",true,"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","including","0f038242b77ddfc505bf4163d4904c1abd2e74d6","excluding",{"version":468,"is_range":462,"range_type":152,"version_start":463,"version_start_type":464,"version_end":469,"version_end_type":466,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 440e948cf0eff32cfe322dcbca3f2525354b159b","440e948cf0eff32cfe322dcbca3f2525354b159b",{"version":471,"is_range":462,"range_type":152,"version_start":463,"version_start_type":464,"version_end":472,"version_end_type":466,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 18aae2cb87e5faa9c5bd865260ceadac60d5a6c5","18aae2cb87e5faa9c5bd865260ceadac60d5a6c5",{"version":474,"is_range":462,"range_type":152,"version_start":463,"version_start_type":464,"version_end":475,"version_end_type":466,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 81d51b9b7c95e791ba3c1a2dd77920a9d3b3f525","81d51b9b7c95e791ba3c1a2dd77920a9d3b3f525",{"version":477,"is_range":462,"range_type":152,"version_start":463,"version_start_type":464,"version_end":478,"version_end_type":466,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 58f2bfb789e6bd3bc24a2c9c1580f3c67aec3018","58f2bfb789e6bd3bc24a2c9c1580f3c67aec3018",{"version":480,"is_range":462,"range_type":152,"version_start":463,"version_start_type":464,"version_end":481,"version_end_type":466,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 0c83842df40f86e529db6842231154772c20edcc","0c83842df40f86e529db6842231154772c20edcc",{"version":483,"is_range":140,"range_type":152,"version_start":483,"version_start_type":464,"version_end":483,"version_end_type":464,"fixed_in":9},"2.6.12",{"ecosystem":9,"name":485,"vendor":457,"product":486,"cpe_part":450,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":487},"linux kernel","linux_kernel",[488,491,495,499,503,507,509],{"version":489,"is_range":462,"range_type":454,"version_start":483,"version_start_type":464,"version_end":490,"version_end_type":466,"fixed_in":9},"gte2.6.12_lt5.10.215","5.10.215",{"version":492,"is_range":462,"range_type":454,"version_start":493,"version_start_type":464,"version_end":494,"version_end_type":466,"fixed_in":9},"gte5.11_lt5.15.154","5.11","5.15.154",{"version":496,"is_range":462,"range_type":454,"version_start":497,"version_start_type":464,"version_end":498,"version_end_type":466,"fixed_in":9},"gte5.16_lt6.1.85","5.16","6.1.85",{"version":500,"is_range":462,"range_type":454,"version_start":501,"version_start_type":464,"version_end":502,"version_end_type":466,"fixed_in":9},"gte6.2_lt6.6.26","6.2","6.6.26",{"version":504,"is_range":462,"range_type":454,"version_start":505,"version_start_type":464,"version_end":506,"version_end_type":466,"fixed_in":9},"gte6.7_lt6.8.5","6.7","6.8.5",{"version":508,"is_range":140,"range_type":454,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.9:rc1",{"version":510,"is_range":140,"range_type":454,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.9:rc2"]