[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-49865":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":56,"related":57,"reserved_at":9,"published_at":64,"modified_at":65,"state":66,"summary":67,"references_raw":76,"kevs":87,"epss":88,"epss_history":91,"metrics":363,"affected":369},"CVE-2024-49865","In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vm: move xa_alloc to prevent UAF\n\nEvil user can guess the next id of the vm before the ioctl completes and\nthen call vm destroy ioctl to trigger UAF since create ioctl is still\nreferencing the same vm. Move the xa_alloc all the way to the end to\nprevent this.\n\nv2:\n - Rebase\n\n(cherry picked from commit dcfd3971327f3ee92765154baebbaece833d3ca9)",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54],{"_key":25},"OPENSUSE-SU-2024:14500-1",{"_key":27},"OPENSUSE-SU-2025:14705-1",{"_key":29},"UBUNTU-CVE-2024-49865",{"_key":31},"DEBIAN-CVE-2024-49865",{"_key":33},"USN-7310-1",{"_key":35},"USN-7383-1",{"_key":37},"USN-7383-2",{"_key":39},"USN-7384-1",{"_key":41},"USN-7384-2",{"_key":43},"USN-7385-1",{"_key":45},"USN-7386-1",{"_key":47},"USN-7403-1",{"_key":49},"USN-7451-1",{"_key":51},"USN-7468-1",{"_key":53},"USN-7523-1",{"_key":55},"USN-7524-1",[],[58,60,62,63],{"_key":59},"USN-7276-1",{"_key":61},"USN-7277-1",{"_key":25},{"_key":27},"2024-10-21T18:01:08.620Z","2026-05-11T20:40:43.645Z","Analyzed",{"cisa_kev":68,"cisa_ransomware":68,"cisa_vendor":9,"epss_severity":69,"epss_score":70,"severity":71,"severity_score":72,"severity_version":73,"severity_source":74,"severity_vector":75,"severity_status":66},false,"low",0.00029,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[77,83],{"url":78,"sources":79,"tags":81},"https://git.kernel.org/stable/c/09cf8901fc0225898311b375cfcc67bae37ed5da",[80,74],"cve.org",[82],"Patch",{"url":84,"sources":85,"tags":86},"https://git.kernel.org/stable/c/74231870cf4976f69e83aa24f48edb16619f652f",[80,74],[82],[],{"date":89,"score":70,"percentile":90},"2026-06-03",0.08715,[92,96,99,102,105,108,111,114,117,120,123,126,129,132,135,139,142,145,148,151,153,156,159,162,165,168,172,175,178,181,184,187,191,194,197,200,203,206,209,212,215,218,221,224,227,230,234,237,240,243,246,249,252,255,258,261,264,267,270,273,275,278,281,284,287,290,293,296,299,301,304,307,310,313,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360],{"date":93,"score":94,"percentile":95},"2025-11-04",0.00049,0.15142,{"date":97,"score":94,"percentile":98},"2025-11-05",0.15172,{"date":100,"score":94,"percentile":101},"2025-11-06",0.15268,{"date":103,"score":94,"percentile":104},"2025-11-07",0.15291,{"date":106,"score":94,"percentile":107},"2025-11-08",0.153,{"date":109,"score":94,"percentile":110},"2025-11-09",0.15273,{"date":112,"score":94,"percentile":113},"2025-11-10",0.15231,{"date":115,"score":94,"percentile":116},"2025-11-11",0.15253,{"date":118,"score":94,"percentile":119},"2025-11-12",0.15299,{"date":121,"score":94,"percentile":122},"2025-11-13",0.15325,{"date":124,"score":94,"percentile":125},"2025-11-14",0.15326,{"date":127,"score":94,"percentile":128},"2025-11-15",0.15284,{"date":130,"score":94,"percentile":131},"2025-11-16",0.15266,{"date":133,"score":94,"percentile":134},"2025-11-17",0.15225,{"date":136,"score":137,"percentile":138},"2025-11-18",0.00068,0.16928,{"date":140,"score":137,"percentile":141},"2025-11-19",0.16946,{"date":143,"score":137,"percentile":144},"2025-11-20",0.16919,{"date":146,"score":94,"percentile":147},"2025-11-21",0.1526,{"date":149,"score":94,"percentile":150},"2025-11-22",0.15264,{"date":152,"score":94,"percentile":116},"2025-11-23",{"date":154,"score":94,"percentile":155},"2025-11-24",0.15217,{"date":157,"score":94,"percentile":158},"2025-11-25",0.1521,{"date":160,"score":94,"percentile":161},"2025-11-26",0.15198,{"date":163,"score":94,"percentile":164},"2025-11-27",0.15206,{"date":166,"score":94,"percentile":167},"2025-11-28",0.15186,{"date":169,"score":170,"percentile":171},"2025-11-29",0.00082,0.24294,{"date":173,"score":170,"percentile":174},"2025-11-30",0.24268,{"date":176,"score":170,"percentile":177},"2025-12-01",0.24313,{"date":179,"score":170,"percentile":180},"2025-12-02",0.24331,{"date":182,"score":170,"percentile":183},"2025-12-03",0.24342,{"date":185,"score":170,"percentile":186},"2025-12-04",0.24269,{"date":188,"score":189,"percentile":190},"2025-12-05",0.00034,0.09241,{"date":192,"score":189,"percentile":193},"2025-12-06",0.09257,{"date":195,"score":189,"percentile":196},"2025-12-07",0.09263,{"date":198,"score":189,"percentile":199},"2025-12-08",0.09269,{"date":201,"score":189,"percentile":202},"2025-12-09",0.09328,{"date":204,"score":189,"percentile":205},"2025-12-10",0.09408,{"date":207,"score":189,"percentile":208},"2025-12-11",0.09446,{"date":210,"score":189,"percentile":211},"2025-12-12",0.09472,{"date":213,"score":189,"percentile":214},"2025-12-13",0.09481,{"date":216,"score":189,"percentile":217},"2025-12-14",0.09473,{"date":219,"score":189,"percentile":220},"2025-12-15",0.09389,{"date":222,"score":189,"percentile":223},"2025-12-16",0.09374,{"date":225,"score":189,"percentile":226},"2025-12-17",0.09463,{"date":228,"score":189,"percentile":229},"2025-12-18",0.09516,{"date":231,"score":232,"percentile":233},"2025-12-19",0.0003,0.08268,{"date":235,"score":232,"percentile":236},"2025-12-20",0.0826,{"date":238,"score":232,"percentile":239},"2025-12-21",0.08196,{"date":241,"score":232,"percentile":242},"2025-12-22",0.0815,{"date":244,"score":232,"percentile":245},"2025-12-23",0.08167,{"date":247,"score":232,"percentile":248},"2025-12-24",0.08185,{"date":250,"score":232,"percentile":251},"2025-12-25",0.08262,{"date":253,"score":70,"percentile":254},"2025-12-26",0.07731,{"date":256,"score":70,"percentile":257},"2025-12-27",0.07719,{"date":259,"score":70,"percentile":260},"2025-12-28",0.07734,{"date":262,"score":70,"percentile":263},"2025-12-29",0.07714,{"date":265,"score":70,"percentile":266},"2025-12-30",0.07684,{"date":268,"score":70,"percentile":269},"2025-12-31",0.07715,{"date":271,"score":70,"percentile":272},"2026-01-01",0.07783,{"date":274,"score":70,"percentile":272},"2026-01-02",{"date":276,"score":70,"percentile":277},"2026-01-03",0.07788,{"date":279,"score":70,"percentile":280},"2026-01-04",0.07718,{"date":282,"score":70,"percentile":283},"2026-01-05",0.07667,{"date":285,"score":70,"percentile":286},"2026-01-06",0.07659,{"date":288,"score":70,"percentile":289},"2026-01-07",0.07691,{"date":291,"score":70,"percentile":292},"2026-01-08",0.07767,{"date":294,"score":70,"percentile":295},"2026-01-09",0.07777,{"date":297,"score":70,"percentile":298},"2026-01-10",0.078,{"date":300,"score":70,"percentile":277},"2026-01-11",{"date":302,"score":70,"percentile":303},"2026-01-12",0.07763,{"date":305,"score":70,"percentile":306},"2026-01-13",0.07737,{"date":308,"score":70,"percentile":309},"2026-01-14",0.07771,{"date":311,"score":70,"percentile":312},"2026-01-15",0.07769,{"date":314,"score":70,"percentile":277},"2026-01-16",{"date":316,"score":70,"percentile":317},"2026-01-17",0.07799,{"date":319,"score":70,"percentile":320},"2026-01-18",0.0778,{"date":322,"score":70,"percentile":323},"2026-01-19",0.07747,{"date":325,"score":70,"percentile":326},"2026-01-20",0.07707,{"date":328,"score":70,"percentile":329},"2026-01-21",0.07692,{"date":331,"score":70,"percentile":332},"2026-01-22",0.07677,{"date":334,"score":70,"percentile":335},"2026-01-23",0.07773,{"date":337,"score":70,"percentile":338},"2026-01-24",0.0782,{"date":340,"score":70,"percentile":341},"2026-01-25",0.07803,{"date":343,"score":70,"percentile":344},"2026-01-26",0.07768,{"date":346,"score":70,"percentile":347},"2026-01-27",0.07755,{"date":349,"score":70,"percentile":350},"2026-01-28",0.0772,{"date":352,"score":70,"percentile":353},"2026-01-29",0.07698,{"date":355,"score":70,"percentile":356},"2026-01-30",0.07709,{"date":358,"score":70,"percentile":359},"2026-01-31",0.07728,{"date":361,"score":70,"percentile":362},"2026-02-01",0.07756,[364],{"source":74,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":365,"cvss_v4_0":9},{"baseScore":72,"baseSeverity":366,"vectorString":75,"impactScore":367,"exploitabilityScore":368},"HIGH",9.8,4.6,[370,387],{"ecosystem":9,"name":371,"vendor":372,"product":372,"cpe_part":373,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":374},"Linux","linux","a",[375,382,385],{"version":376,"is_range":377,"range_type":80,"version_start":378,"version_start_type":379,"version_end":380,"version_end_type":381,"fixed_in":9},">= dd08ebf6c3525a7ea2186e636df064ea47281987, \u003C 09cf8901fc0225898311b375cfcc67bae37ed5da",true,"dd08ebf6c3525a7ea2186e636df064ea47281987","including","09cf8901fc0225898311b375cfcc67bae37ed5da","excluding",{"version":383,"is_range":377,"range_type":80,"version_start":378,"version_start_type":379,"version_end":384,"version_end_type":381,"fixed_in":9},">= dd08ebf6c3525a7ea2186e636df064ea47281987, \u003C 74231870cf4976f69e83aa24f48edb16619f652f","74231870cf4976f69e83aa24f48edb16619f652f",{"version":386,"is_range":68,"range_type":80,"version_start":386,"version_start_type":379,"version_end":386,"version_end_type":379,"fixed_in":9},"6.8",{"ecosystem":9,"name":388,"vendor":372,"product":389,"cpe_part":390,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":391},"linux kernel","linux_kernel","o",[392,396],{"version":393,"is_range":377,"range_type":394,"version_start":386,"version_start_type":379,"version_end":395,"version_end_type":381,"fixed_in":9},"gte6.8_lt6.11.3","cpe","6.11.3",{"version":397,"is_range":68,"range_type":394,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.12:rc1"]