[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-40972":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":39,"aliases":40,"duplicate_of":9,"upstream":41,"downstream":42,"duplicates":87,"related":88,"reserved_at":9,"published_at":97,"modified_at":98,"state":99,"summary":100,"references_raw":109,"kevs":132,"epss":133,"epss_history":136,"metrics":383,"affected":389},"CVE-2024-40972","In the Linux kernel, the following vulnerability has been resolved:\n\next4: do not create EA inode under buffer lock\n\next4_xattr_set_entry() creates new EA inodes while holding buffer lock\non the external xattr block. This is problematic as it nests all the\nallocation locking (which acquires locks on other buffers) under the\nbuffer lock. This can even deadlock when the filesystem is corrupted and\ne.g. quota file is setup to contain xattr block as data block. Move the\nallocation of EA inode out of ext4_xattr_set_entry() into the callers.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-667","Improper Locking","The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.","weakness","Draft","Class",[19,31,35],{"id":20,"name":21,"techniques":22},"CAPEC-25","Forced Deadlock",[23],{"id":24,"name":25,"tactics":26,"countermeasures":30},"T1499.004","Application or System Exploitation",[27],{"id":28,"name":29},"TA0105","Impact",[],{"id":32,"name":33,"techniques":34},"CAPEC-26","Leveraging Race Conditions",[],{"id":36,"name":37,"techniques":38},"CAPEC-27","Leveraging Race Conditions via Symbolic Links",[],[],[],[],[43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85],{"_key":44},"SUSE-SU-2024:2802-1",{"_key":46},"SUSE-SU-2024:2894-1",{"_key":48},"SUSE-SU-2024:2896-1",{"_key":50},"SUSE-SU-2024:2939-1",{"_key":52},"SUSE-SU-2024:2947-1",{"_key":54},"SUSE-SU-2024:2973-1",{"_key":56},"DLA-4008-1",{"_key":58},"DSA-5782-1",{"_key":60},"SUSE-SU-2025:20008-1",{"_key":62},"SUSE-SU-2025:20028-1",{"_key":64},"DEBIAN-CVE-2024-40972",{"_key":66},"RHSA-2024:7000",{"_key":68},"RHSA-2024:7001",{"_key":70},"RHSA-2024:8617",{"_key":72},"UBUNTU-CVE-2024-40972",{"_key":74},"USN-6999-1",{"_key":76},"USN-6999-2",{"_key":78},"USN-7004-1",{"_key":80},"USN-7005-1",{"_key":82},"USN-7005-2",{"_key":84},"USN-7008-1",{"_key":86},"USN-7029-1",[],[89,90,91,92,93,94,95,96],{"_key":44},{"_key":46},{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":60},{"_key":62},"2024-07-12T12:32:10.102Z","2026-05-11T20:23:24.497Z","Modified",{"cisa_kev":101,"cisa_ransomware":101,"cisa_vendor":9,"epss_severity":102,"epss_score":103,"severity":104,"severity_score":105,"severity_version":106,"severity_source":107,"severity_vector":108,"severity_status":99},false,"low",0.00009,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[110,116,120,124,128],{"url":111,"sources":112,"tags":114},"https://git.kernel.org/stable/c/0752e7fb549d90c33b4d4186f11cfd25a556d1dd",[113,107],"cve.org",[115],"Patch",{"url":117,"sources":118,"tags":119},"https://git.kernel.org/stable/c/737fb7853acd5bc8984f6f42e4bfba3334be8ae1",[113,107],[115],{"url":121,"sources":122,"tags":123},"https://git.kernel.org/stable/c/111103907234bffd0a34fba070ad9367de058752",[113,107],[115],{"url":125,"sources":126,"tags":127},"https://git.kernel.org/stable/c/0a46ef234756dca04623b7591e8ebb3440622f0b",[113,107],[115],{"url":129,"sources":130,"tags":131},"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",[113,107],[],[],{"date":134,"score":103,"percentile":135},"2026-06-03",0.00928,[137,141,144,147,150,153,155,158,161,164,167,170,173,176,178,182,185,188,191,194,197,199,201,204,207,209,212,215,218,221,224,227,230,232,235,238,241,244,247,250,252,254,257,259,261,264,266,268,271,273,275,277,280,283,285,288,291,294,297,300,303,306,309,312,315,317,320,323,326,328,330,332,334,336,339,341,344,346,348,351,354,357,360,363,365,368,371,374,377,380],{"date":138,"score":139,"percentile":140},"2025-11-04",0.0001,0.00717,{"date":142,"score":139,"percentile":143},"2025-11-05",0.0072,{"date":145,"score":139,"percentile":146},"2025-11-06",0.00722,{"date":148,"score":139,"percentile":149},"2025-11-07",0.00723,{"date":151,"score":139,"percentile":152},"2025-11-08",0.00721,{"date":154,"score":139,"percentile":152},"2025-11-09",{"date":156,"score":139,"percentile":157},"2025-11-10",0.00716,{"date":159,"score":103,"percentile":160},"2025-11-11",0.00579,{"date":162,"score":103,"percentile":163},"2025-11-12",0.00575,{"date":165,"score":103,"percentile":166},"2025-11-13",0.00574,{"date":168,"score":103,"percentile":169},"2025-11-14",0.00577,{"date":171,"score":103,"percentile":172},"2025-11-15",0.00581,{"date":174,"score":103,"percentile":175},"2025-11-16",0.0058,{"date":177,"score":103,"percentile":169},"2025-11-17",{"date":179,"score":180,"percentile":181},"2025-11-18",0.00054,0.12151,{"date":183,"score":180,"percentile":184},"2025-11-19",0.1217,{"date":186,"score":180,"percentile":187},"2025-11-20",0.12186,{"date":189,"score":103,"percentile":190},"2025-11-21",0.00589,{"date":192,"score":103,"percentile":193},"2025-11-22",0.00587,{"date":195,"score":103,"percentile":196},"2025-11-23",0.00585,{"date":198,"score":103,"percentile":172},"2025-11-24",{"date":200,"score":103,"percentile":160},"2025-11-25",{"date":202,"score":103,"percentile":203},"2025-11-26",0.00573,{"date":205,"score":103,"percentile":206},"2025-11-27",0.00572,{"date":208,"score":103,"percentile":169},"2025-11-28",{"date":210,"score":103,"percentile":211},"2025-11-29",0.0059,{"date":213,"score":103,"percentile":214},"2025-11-30",0.00592,{"date":216,"score":103,"percentile":217},"2025-12-01",0.00595,{"date":219,"score":103,"percentile":220},"2025-12-02",0.00593,{"date":222,"score":103,"percentile":223},"2025-12-03",0.00596,{"date":225,"score":103,"percentile":226},"2025-12-04",0.00597,{"date":228,"score":103,"percentile":229},"2025-12-05",0.00604,{"date":231,"score":103,"percentile":229},"2025-12-06",{"date":233,"score":103,"percentile":234},"2025-12-07",0.00603,{"date":236,"score":103,"percentile":237},"2025-12-08",0.00607,{"date":239,"score":103,"percentile":240},"2025-12-09",0.0062,{"date":242,"score":103,"percentile":243},"2025-12-10",0.00631,{"date":245,"score":103,"percentile":246},"2025-12-11",0.00629,{"date":248,"score":103,"percentile":249},"2025-12-12",0.0063,{"date":251,"score":103,"percentile":246},"2025-12-13",{"date":253,"score":103,"percentile":249},"2025-12-14",{"date":255,"score":103,"percentile":256},"2025-12-15",0.00626,{"date":258,"score":103,"percentile":246},"2025-12-16",{"date":260,"score":103,"percentile":243},"2025-12-17",{"date":262,"score":103,"percentile":263},"2025-12-18",0.00628,{"date":265,"score":103,"percentile":246},"2025-12-19",{"date":267,"score":103,"percentile":263},"2025-12-20",{"date":269,"score":103,"percentile":270},"2025-12-21",0.00627,{"date":272,"score":103,"percentile":263},"2025-12-22",{"date":274,"score":103,"percentile":246},"2025-12-23",{"date":276,"score":103,"percentile":243},"2025-12-24",{"date":278,"score":139,"percentile":279},"2025-12-25",0.00753,{"date":281,"score":139,"percentile":282},"2025-12-26",0.00756,{"date":284,"score":139,"percentile":279},"2025-12-27",{"date":286,"score":139,"percentile":287},"2025-12-28",0.00751,{"date":289,"score":139,"percentile":290},"2025-12-29",0.00748,{"date":292,"score":139,"percentile":293},"2025-12-30",0.00747,{"date":295,"score":139,"percentile":296},"2025-12-31",0.00743,{"date":298,"score":139,"percentile":299},"2026-01-01",0.00749,{"date":301,"score":103,"percentile":302},"2026-01-02",0.00643,{"date":304,"score":103,"percentile":305},"2026-01-03",0.00644,{"date":307,"score":103,"percentile":308},"2026-01-04",0.00633,{"date":310,"score":103,"percentile":311},"2026-01-05",0.00635,{"date":313,"score":103,"percentile":314},"2026-01-06",0.00637,{"date":316,"score":103,"percentile":311},"2026-01-07",{"date":318,"score":103,"percentile":319},"2026-01-08",0.00639,{"date":321,"score":103,"percentile":322},"2026-01-09",0.00645,{"date":324,"score":103,"percentile":325},"2026-01-10",0.00647,{"date":327,"score":103,"percentile":325},"2026-01-11",{"date":329,"score":103,"percentile":325},"2026-01-12",{"date":331,"score":103,"percentile":322},"2026-01-13",{"date":333,"score":103,"percentile":305},"2026-01-14",{"date":335,"score":103,"percentile":325},"2026-01-15",{"date":337,"score":103,"percentile":338},"2026-01-16",0.00646,{"date":340,"score":103,"percentile":338},"2026-01-17",{"date":342,"score":103,"percentile":343},"2026-01-18",0.00651,{"date":345,"score":103,"percentile":325},"2026-01-19",{"date":347,"score":103,"percentile":302},"2026-01-20",{"date":349,"score":103,"percentile":350},"2026-01-21",0.00641,{"date":352,"score":103,"percentile":353},"2026-01-22",0.00642,{"date":355,"score":103,"percentile":356},"2026-01-23",0.0065,{"date":358,"score":103,"percentile":359},"2026-01-24",0.00654,{"date":361,"score":103,"percentile":362},"2026-01-25",0.00655,{"date":364,"score":103,"percentile":362},"2026-01-26",{"date":366,"score":103,"percentile":367},"2026-01-27",0.00659,{"date":369,"score":103,"percentile":370},"2026-01-28",0.00657,{"date":372,"score":103,"percentile":373},"2026-01-29",0.00661,{"date":375,"score":103,"percentile":376},"2026-01-30",0.00673,{"date":378,"score":103,"percentile":379},"2026-01-31",0.00678,{"date":381,"score":103,"percentile":382},"2026-02-01",0.00681,[384],{"source":107,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":385,"cvss_v4_0":9},{"baseScore":105,"baseSeverity":386,"vectorString":108,"impactScore":387,"exploitabilityScore":388},"MEDIUM",6,4.6,[390,413],{"ecosystem":9,"name":391,"vendor":392,"product":392,"cpe_part":393,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":394},"Linux","linux","a",[395,402,405,408,411],{"version":396,"is_range":397,"range_type":113,"version_start":398,"version_start_type":399,"version_end":400,"version_end_type":401,"fixed_in":9},">= e50e5129f384ae282adebfb561189cdb19b81cee, \u003C 0752e7fb549d90c33b4d4186f11cfd25a556d1dd",true,"e50e5129f384ae282adebfb561189cdb19b81cee","including","0752e7fb549d90c33b4d4186f11cfd25a556d1dd","excluding",{"version":403,"is_range":397,"range_type":113,"version_start":398,"version_start_type":399,"version_end":404,"version_end_type":401,"fixed_in":9},">= e50e5129f384ae282adebfb561189cdb19b81cee, \u003C 737fb7853acd5bc8984f6f42e4bfba3334be8ae1","737fb7853acd5bc8984f6f42e4bfba3334be8ae1",{"version":406,"is_range":397,"range_type":113,"version_start":398,"version_start_type":399,"version_end":407,"version_end_type":401,"fixed_in":9},">= e50e5129f384ae282adebfb561189cdb19b81cee, \u003C 111103907234bffd0a34fba070ad9367de058752","111103907234bffd0a34fba070ad9367de058752",{"version":409,"is_range":397,"range_type":113,"version_start":398,"version_start_type":399,"version_end":410,"version_end_type":401,"fixed_in":9},">= e50e5129f384ae282adebfb561189cdb19b81cee, \u003C 0a46ef234756dca04623b7591e8ebb3440622f0b","0a46ef234756dca04623b7591e8ebb3440622f0b",{"version":412,"is_range":101,"range_type":113,"version_start":412,"version_start_type":399,"version_end":412,"version_end_type":399,"fixed_in":9},"4.13",{"ecosystem":9,"name":414,"vendor":392,"product":415,"cpe_part":416,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":417},"linux kernel","linux_kernel","o",[418,422,426],{"version":419,"is_range":397,"range_type":420,"version_start":9,"version_start_type":9,"version_end":421,"version_end_type":401,"fixed_in":9},"lt6.1.107","cpe","6.1.107",{"version":423,"is_range":397,"range_type":420,"version_start":424,"version_start_type":399,"version_end":425,"version_end_type":401,"fixed_in":9},"gte6.2_lt6.6.47","6.2","6.6.47",{"version":427,"is_range":397,"range_type":420,"version_start":428,"version_start_type":399,"version_end":429,"version_end_type":401,"fixed_in":9},"gte6.7_lt6.9.7","6.7","6.9.7"]