[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-41014":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":107,"related":108,"reserved_at":9,"published_at":120,"modified_at":121,"state":122,"summary":123,"references_raw":132,"kevs":152,"epss":153,"epss_history":156,"metrics":410,"affected":416},"CVE-2024-41014","In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: add bounds checking to xlog_recover_process_data\n\nThere is a lack of verification of the space occupied by fixed members\nof xlog_op_header in the xlog_recover_process_data.\n\nWe can create a crafted image to trigger an out of bounds read by\nfollowing these steps:\n    1) Mount an image of xfs, and do some file operations to leave records\n    2) Before umounting, copy the image for subsequent steps to simulate\n       abnormal exit. Because umount will ensure that tail_blk and\n       head_blk are the same, which will result in the inability to enter\n       xlog_recover_process_data\n    3) Write a tool to parse and modify the copied image in step 2\n    4) Make the end of the xlog_op_header entries only 1 byte away from\n       xlog_rec_header->h_size\n    5) xlog_rec_header->h_num_logops++\n    6) Modify xlog_rec_header->h_crc\n\nFix:\nAdd a check to make sure there is sufficient space to access fixed members\nof xlog_op_header.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99,101,103,105],{"_key":28},"SUSE-SU-2024:2802-1",{"_key":30},"SUSE-SU-2024:2894-1",{"_key":32},"SUSE-SU-2024:2892-1",{"_key":34},"SUSE-SU-2024:2901-1",{"_key":36},"SUSE-SU-2024:2940-1",{"_key":38},"SUSE-SU-2024:2896-1",{"_key":40},"SUSE-SU-2024:2939-1",{"_key":42},"SUSE-SU-2024:2947-1",{"_key":44},"SUSE-SU-2024:2973-1",{"_key":46},"DLA-4076-1",{"_key":48},"SUSE-SU-2025:20008-1",{"_key":50},"SUSE-SU-2025:20028-1",{"_key":52},"DEBIAN-CVE-2024-41014",{"_key":54},"RHSA-2024:10262",{"_key":56},"RHSA-2024:10772",{"_key":58},"RHSA-2024:10773",{"_key":60},"RHSA-2024:6297",{"_key":62},"RHSA-2024:7000",{"_key":64},"RHSA-2024:7001",{"_key":66},"RHSA-2024:8617",{"_key":68},"USN-8096-1",{"_key":70},"USN-8096-2",{"_key":72},"USN-8096-3",{"_key":74},"USN-8096-4",{"_key":76},"USN-8096-5",{"_key":78},"USN-8116-1",{"_key":80},"USN-8141-1",{"_key":82},"USN-8163-1",{"_key":84},"USN-8163-2",{"_key":86},"USN-8243-1",{"_key":88},"UBUNTU-CVE-2024-41014",{"_key":90},"USN-7449-1",{"_key":92},"USN-7449-2",{"_key":94},"USN-7450-1",{"_key":96},"USN-7451-1",{"_key":98},"USN-7452-1",{"_key":100},"USN-7453-1",{"_key":102},"USN-7468-1",{"_key":104},"USN-7523-1",{"_key":106},"USN-7524-1",[],[109,110,111,112,113,114,115,116,117,118,119],{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":48},{"_key":50},"2024-07-29T06:37:00.826Z","2026-05-11T20:24:29.717Z","Modified",{"cisa_kev":124,"cisa_ransomware":124,"cisa_vendor":9,"epss_severity":125,"epss_score":126,"severity":127,"severity_score":128,"severity_version":129,"severity_source":130,"severity_vector":131,"severity_status":122},false,"low",0.00015,"high",7.1,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",[133,140,144,148],{"url":134,"sources":135,"tags":137},"https://git.kernel.org/stable/c/d1e3efe783365db59da88f08a2e0bfe1cc95b143",[136,130],"cve.org",[138,139],"Mailing List","Patch",{"url":141,"sources":142,"tags":143},"https://git.kernel.org/stable/c/7cd9f0a33e738cd58876f1bc8d6c1aa5bc4fc8c1",[136,130],[138,139],{"url":145,"sources":146,"tags":147},"https://git.kernel.org/stable/c/fb63435b7c7dc112b1ae1baea5486e0a6e27b196",[136,130],[138,139],{"url":149,"sources":150,"tags":151},"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html",[136,130],[],[],{"date":154,"score":126,"percentile":155},"2026-06-03",0.0352,[157,161,164,167,170,173,176,179,182,185,188,191,194,197,200,204,207,210,213,216,219,222,225,228,230,233,235,238,241,244,247,249,252,255,258,260,263,266,269,272,275,278,281,283,286,288,291,294,297,300,302,305,308,311,314,316,319,321,324,327,330,332,334,336,339,342,344,347,350,353,356,359,362,364,367,370,373,376,378,381,383,385,387,390,393,396,398,401,404,407],{"date":158,"score":159,"percentile":160},"2025-11-04",0.00014,0.01785,{"date":162,"score":159,"percentile":163},"2025-11-05",0.0181,{"date":165,"score":159,"percentile":166},"2025-11-06",0.01828,{"date":168,"score":159,"percentile":169},"2025-11-07",0.01835,{"date":171,"score":159,"percentile":172},"2025-11-08",0.01836,{"date":174,"score":159,"percentile":175},"2025-11-09",0.01837,{"date":177,"score":159,"percentile":178},"2025-11-10",0.01821,{"date":180,"score":159,"percentile":181},"2025-11-11",0.0183,{"date":183,"score":159,"percentile":184},"2025-11-12",0.01841,{"date":186,"score":159,"percentile":187},"2025-11-13",0.01858,{"date":189,"score":159,"percentile":190},"2025-11-14",0.0186,{"date":192,"score":159,"percentile":193},"2025-11-15",0.0188,{"date":195,"score":159,"percentile":196},"2025-11-16",0.01883,{"date":198,"score":159,"percentile":199},"2025-11-17",0.01872,{"date":201,"score":202,"percentile":203},"2025-11-18",0.00074,0.18493,{"date":205,"score":202,"percentile":206},"2025-11-19",0.18513,{"date":208,"score":202,"percentile":209},"2025-11-20",0.18495,{"date":211,"score":159,"percentile":212},"2025-11-21",0.01933,{"date":214,"score":159,"percentile":215},"2025-11-22",0.01931,{"date":217,"score":159,"percentile":218},"2025-11-23",0.01928,{"date":220,"score":159,"percentile":221},"2025-11-24",0.01915,{"date":223,"score":159,"percentile":224},"2025-11-25",0.01909,{"date":226,"score":159,"percentile":227},"2025-11-26",0.01871,{"date":229,"score":159,"percentile":227},"2025-11-27",{"date":231,"score":159,"percentile":232},"2025-11-28",0.01868,{"date":234,"score":159,"percentile":221},"2025-11-29",{"date":236,"score":159,"percentile":237},"2025-11-30",0.01923,{"date":239,"score":159,"percentile":240},"2025-12-01",0.01958,{"date":242,"score":159,"percentile":243},"2025-12-02",0.01957,{"date":245,"score":159,"percentile":246},"2025-12-03",0.01966,{"date":248,"score":159,"percentile":215},"2025-12-04",{"date":250,"score":159,"percentile":251},"2025-12-05",0.01945,{"date":253,"score":159,"percentile":254},"2025-12-06",0.01949,{"date":256,"score":159,"percentile":257},"2025-12-07",0.01946,{"date":259,"score":159,"percentile":257},"2025-12-08",{"date":261,"score":159,"percentile":262},"2025-12-09",0.01963,{"date":264,"score":159,"percentile":265},"2025-12-10",0.01991,{"date":267,"score":159,"percentile":268},"2025-12-11",0.01986,{"date":270,"score":159,"percentile":271},"2025-12-12",0.01992,{"date":273,"score":159,"percentile":274},"2025-12-13",0.01974,{"date":276,"score":159,"percentile":277},"2025-12-14",0.01977,{"date":279,"score":159,"percentile":280},"2025-12-15",0.01969,{"date":282,"score":159,"percentile":246},"2025-12-16",{"date":284,"score":159,"percentile":285},"2025-12-17",0.0198,{"date":287,"score":159,"percentile":277},"2025-12-18",{"date":289,"score":159,"percentile":290},"2025-12-19",0.01978,{"date":292,"score":159,"percentile":293},"2025-12-20",0.01979,{"date":295,"score":159,"percentile":296},"2025-12-21",0.0199,{"date":298,"score":159,"percentile":299},"2025-12-22",0.01988,{"date":301,"score":159,"percentile":299},"2025-12-23",{"date":303,"score":159,"percentile":304},"2025-12-24",0.01996,{"date":306,"score":159,"percentile":307},"2025-12-25",0.02003,{"date":309,"score":159,"percentile":310},"2025-12-26",0.02004,{"date":312,"score":126,"percentile":313},"2025-12-27",0.02572,{"date":315,"score":159,"percentile":310},"2025-12-28",{"date":317,"score":159,"percentile":318},"2025-12-29",0.01995,{"date":320,"score":159,"percentile":296},"2025-12-30",{"date":322,"score":159,"percentile":323},"2025-12-31",0.01987,{"date":325,"score":159,"percentile":326},"2026-01-01",0.02012,{"date":328,"score":159,"percentile":329},"2026-01-02",0.02006,{"date":331,"score":159,"percentile":326},"2026-01-03",{"date":333,"score":159,"percentile":274},"2026-01-04",{"date":335,"score":159,"percentile":293},"2026-01-05",{"date":337,"score":159,"percentile":338},"2026-01-06",0.01976,{"date":340,"score":159,"percentile":341},"2026-01-07",0.01994,{"date":343,"score":159,"percentile":326},"2026-01-08",{"date":345,"score":159,"percentile":346},"2026-01-09",0.02028,{"date":348,"score":159,"percentile":349},"2026-01-10",0.02043,{"date":351,"score":159,"percentile":352},"2026-01-11",0.02031,{"date":354,"score":159,"percentile":355},"2026-01-12",0.0203,{"date":357,"score":159,"percentile":358},"2026-01-13",0.02021,{"date":360,"score":159,"percentile":361},"2026-01-14",0.02029,{"date":363,"score":159,"percentile":358},"2026-01-15",{"date":365,"score":159,"percentile":366},"2026-01-16",0.02024,{"date":368,"score":159,"percentile":369},"2026-01-17",0.02026,{"date":371,"score":159,"percentile":372},"2026-01-18",0.02036,{"date":374,"score":159,"percentile":375},"2026-01-19",0.02025,{"date":377,"score":159,"percentile":326},"2026-01-20",{"date":379,"score":159,"percentile":380},"2026-01-21",0.02009,{"date":382,"score":159,"percentile":307},"2026-01-22",{"date":384,"score":159,"percentile":326},"2026-01-23",{"date":386,"score":159,"percentile":369},"2026-01-24",{"date":388,"score":159,"percentile":389},"2026-01-25",0.02019,{"date":391,"score":159,"percentile":392},"2026-01-26",0.02018,{"date":394,"score":159,"percentile":395},"2026-01-27",0.02016,{"date":397,"score":159,"percentile":392},"2026-01-28",{"date":399,"score":159,"percentile":400},"2026-01-29",0.02035,{"date":402,"score":159,"percentile":403},"2026-01-30",0.02037,{"date":405,"score":159,"percentile":406},"2026-01-31",0.02057,{"date":408,"score":159,"percentile":409},"2026-02-01",0.02086,[411],{"source":130,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":412,"cvss_v4_0":9},{"baseScore":128,"baseSeverity":413,"vectorString":131,"impactScore":414,"exploitabilityScore":415},"HIGH",8.7,4.6,[417,437],{"ecosystem":9,"name":418,"vendor":419,"product":419,"cpe_part":420,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"Linux","linux","a",[422,429,432,435],{"version":423,"is_range":424,"range_type":136,"version_start":425,"version_start_type":426,"version_end":427,"version_end_type":428,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C d1e3efe783365db59da88f08a2e0bfe1cc95b143",true,"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","including","d1e3efe783365db59da88f08a2e0bfe1cc95b143","excluding",{"version":430,"is_range":424,"range_type":136,"version_start":425,"version_start_type":426,"version_end":431,"version_end_type":428,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 7cd9f0a33e738cd58876f1bc8d6c1aa5bc4fc8c1","7cd9f0a33e738cd58876f1bc8d6c1aa5bc4fc8c1",{"version":433,"is_range":424,"range_type":136,"version_start":425,"version_start_type":426,"version_end":434,"version_end_type":428,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C fb63435b7c7dc112b1ae1baea5486e0a6e27b196","fb63435b7c7dc112b1ae1baea5486e0a6e27b196",{"version":436,"is_range":124,"range_type":136,"version_start":436,"version_start_type":426,"version_end":436,"version_end_type":426,"fixed_in":9},"2.6.12",{"ecosystem":9,"name":438,"vendor":419,"product":439,"cpe_part":440,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":441},"linux kernel","linux_kernel","o",[442,446,450],{"version":443,"is_range":424,"range_type":444,"version_start":9,"version_start_type":9,"version_end":445,"version_end_type":428,"fixed_in":9},"lt6.1.120","cpe","6.1.120",{"version":447,"is_range":424,"range_type":444,"version_start":448,"version_start_type":426,"version_end":449,"version_end_type":428,"fixed_in":9},"gte6.2_lt6.6.64","6.2","6.6.64",{"version":451,"is_range":424,"range_type":444,"version_start":452,"version_start_type":426,"version_end":453,"version_end_type":428,"fixed_in":9},"gte6.7_lt6.11","6.7","6.11"]