[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-50047":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":154,"related":155,"reserved_at":9,"published_at":190,"modified_at":191,"state":192,"summary":193,"references_raw":202,"kevs":237,"epss":238,"epss_history":241,"metrics":506,"affected":512},"CVE-2024-50047","In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in async decryption\n\nDoing an async decryption (large read) crashes with a\nslab-use-after-free way down in the crypto API.\n\nReproducer:\n    # mount.cifs -o ...,seal,esize=1 //srv/share /mnt\n    # dd if=/mnt/largefile of=/dev/null\n    ...\n    [  194.196391] ==================================================================\n    [  194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110\n    [  194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899\n    [  194.197707]\n    [  194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43\n    [  194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014\n    [  194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs]\n    [  194.200032] Call Trace:\n    [  194.200191]  \u003CTASK>\n    [  194.200327]  dump_stack_lvl+0x4e/0x70\n    [  194.200558]  ? gf128mul_4k_lle+0xc1/0x110\n    [  194.200809]  print_report+0x174/0x505\n    [  194.201040]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n    [  194.201352]  ? srso_return_thunk+0x5/0x5f\n    [  194.201604]  ? __virt_addr_valid+0xdf/0x1c0\n    [  194.201868]  ? gf128mul_4k_lle+0xc1/0x110\n    [  194.202128]  kasan_report+0xc8/0x150\n    [  194.202361]  ? gf128mul_4k_lle+0xc1/0x110\n    [  194.202616]  gf128mul_4k_lle+0xc1/0x110\n    [  194.202863]  ghash_update+0x184/0x210\n    [  194.203103]  shash_ahash_update+0x184/0x2a0\n    [  194.203377]  ? __pfx_shash_ahash_update+0x10/0x10\n    [  194.203651]  ? srso_return_thunk+0x5/0x5f\n    [  194.203877]  ? crypto_gcm_init_common+0x1ba/0x340\n    [  194.204142]  gcm_hash_assoc_remain_continue+0x10a/0x140\n    [  194.204434]  crypt_message+0xec1/0x10a0 [cifs]\n    [  194.206489]  ? __pfx_crypt_message+0x10/0x10 [cifs]\n    [  194.208507]  ? srso_return_thunk+0x5/0x5f\n    [  194.209205]  ? srso_return_thunk+0x5/0x5f\n    [  194.209925]  ? srso_return_thunk+0x5/0x5f\n    [  194.210443]  ? srso_return_thunk+0x5/0x5f\n    [  194.211037]  decrypt_raw_data+0x15f/0x250 [cifs]\n    [  194.212906]  ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n    [  194.214670]  ? srso_return_thunk+0x5/0x5f\n    [  194.215193]  smb2_decrypt_offload+0x12a/0x6c0 [cifs]\n\nThis is because TFM is being used in parallel.\n\nFix this by allocating a new AEAD TFM for async decryption, but keep\nthe existing one for synchronous READ cases (similar to what is done\nin smb3_calc_signature()).\n\nAlso remove the calls to aead_request_set_callback() and\ncrypto_wait_req() since it's always going to be a synchronous operation.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152],{"_key":25},"SUSE-SU-2024:4081-1",{"_key":27},"SUSE-SU-2024:4082-1",{"_key":29},"SUSE-SU-2024:4100-1",{"_key":31},"SUSE-SU-2024:4103-1",{"_key":33},"SUSE-SU-2024:4131-1",{"_key":35},"SUSE-SU-2024:4140-1",{"_key":37},"SUSE-SU-2024:4364-1",{"_key":39},"SUSE-SU-2024:4387-1",{"_key":41},"SUSE-SU-2025:0034-1",{"_key":43},"SUSE-SU-2025:0289-1",{"_key":45},"SUSE-SU-2024:3983-1",{"_key":47},"SUSE-SU-2024:3984-1",{"_key":49},"SUSE-SU-2024:3985-1",{"_key":51},"SUSE-SU-2024:3986-1",{"_key":53},"SUSE-SU-2024:4318-1",{"_key":55},"SUSE-SU-2025:0117-1",{"_key":57},"SUSE-SU-2025:0153-1",{"_key":59},"SUSE-SU-2025:0154-1",{"_key":61},"OPENSUSE-SU-2024:14500-1",{"_key":63},"OPENSUSE-SU-2025:14705-1",{"_key":65},"DLA-4076-1",{"_key":67},"DLA-4178-1",{"_key":69},"DSA-5860-1",{"_key":71},"SUSE-SU-2025:20163-1",{"_key":73},"SUSE-SU-2025:20164-1",{"_key":75},"SUSE-SU-2025:20165-1",{"_key":77},"SUSE-SU-2025:20166-1",{"_key":79},"SUSE-SU-2025:20246-1",{"_key":81},"SUSE-SU-2025:20247-1",{"_key":83},"SUSE-SU-2025:20248-1",{"_key":85},"SUSE-SU-2025:20249-1",{"_key":87},"MGASA-2024-0344",{"_key":89},"MGASA-2024-0345",{"_key":91},"LSN-0118-1",{"_key":93},"DEBIAN-CVE-2024-50047",{"_key":95},"RHSA-2025:6966",{"_key":97},"LSN-0113-1",{"_key":99},"LSN-0115-1",{"_key":101},"UBUNTU-CVE-2024-50047",{"_key":103},"USN-7608-1",{"_key":105},"USN-7608-2",{"_key":107},"USN-7608-3",{"_key":109},"USN-7608-4",{"_key":111},"USN-7608-5",{"_key":113},"USN-7608-6",{"_key":115},"USN-7608-7",{"_key":117},"USN-7655-1",{"_key":119},"USN-7671-1",{"_key":121},"USN-7671-2",{"_key":123},"USN-7671-3",{"_key":125},"USN-7686-1",{"_key":127},"USN-7712-1",{"_key":129},"USN-7712-2",{"_key":131},"USN-7310-1",{"_key":133},"USN-7383-1",{"_key":135},"USN-7383-2",{"_key":137},"USN-7384-1",{"_key":139},"USN-7384-2",{"_key":141},"USN-7385-1",{"_key":143},"USN-7386-1",{"_key":145},"USN-7403-1",{"_key":147},"USN-7451-1",{"_key":149},"USN-7468-1",{"_key":151},"USN-7523-1",{"_key":153},"USN-7524-1",[],[156,157,158,159,160,161,162,163,164,165,166,168,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":167},"USN-7276-1",{"_key":169},"USN-7277-1",{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},"2024-10-21T19:39:44.430Z","2026-05-11T20:44:28.155Z","Modified",{"cisa_kev":194,"cisa_ransomware":194,"cisa_vendor":9,"epss_severity":195,"epss_score":196,"severity":197,"severity_score":198,"severity_version":199,"severity_source":200,"severity_vector":201,"severity_status":192},false,"low",0.00019,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[203,208,212,216,221,225,229,233],{"url":204,"sources":205,"tags":207},"https://git.kernel.org/stable/c/8f14a476abba13144df5434871a7225fd29af633",[206,200],"cve.org",[],{"url":209,"sources":210,"tags":211},"https://git.kernel.org/stable/c/ef51c0d544b1518b35364480317ab6d3468f205d",[206,200],[],{"url":213,"sources":214,"tags":215},"https://git.kernel.org/stable/c/bce966530fd5542bbb422cb45ecb775f7a1a6bc3",[206,200],[],{"url":217,"sources":218,"tags":219},"https://git.kernel.org/stable/c/0809fb86ad13b29e1d6d491364fc7ea4fb545995",[206,200],[220],"Patch",{"url":222,"sources":223,"tags":224},"https://git.kernel.org/stable/c/538c26d9bf70c90edc460d18c81008a4e555925a",[206,200],[220],{"url":226,"sources":227,"tags":228},"https://git.kernel.org/stable/c/b0abcd65ec545701b8793e12bc27dc98042b151a",[206,200],[220],{"url":230,"sources":231,"tags":232},"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",[206,200],[],{"url":234,"sources":235,"tags":236},"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html",[206,200],[],[],{"date":239,"score":196,"percentile":240},"2026-06-03",0.05202,[242,246,249,252,255,258,261,264,267,269,272,275,278,281,284,288,291,294,297,300,303,306,309,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,382,385,388,391,393,396,399,403,406,409,412,415,418,421,424,427,430,433,436,439,442,445,448,451,453,456,459,462,464,467,470,473,476,479,482,485,488,491,493,496,498,501,504],{"date":243,"score":244,"percentile":245},"2025-11-04",0.00046,0.13786,{"date":247,"score":244,"percentile":248},"2025-11-05",0.13814,{"date":250,"score":244,"percentile":251},"2025-11-06",0.13904,{"date":253,"score":244,"percentile":254},"2025-11-07",0.13914,{"date":256,"score":244,"percentile":257},"2025-11-08",0.1392,{"date":259,"score":244,"percentile":260},"2025-11-09",0.1389,{"date":262,"score":244,"percentile":263},"2025-11-10",0.13862,{"date":265,"score":244,"percentile":266},"2025-11-11",0.13885,{"date":268,"score":244,"percentile":260},"2025-11-12",{"date":270,"score":244,"percentile":271},"2025-11-13",0.13917,{"date":273,"score":244,"percentile":274},"2025-11-14",0.13943,{"date":276,"score":244,"percentile":277},"2025-11-15",0.13911,{"date":279,"score":244,"percentile":280},"2025-11-16",0.13907,{"date":282,"score":244,"percentile":283},"2025-11-17",0.13877,{"date":285,"score":286,"percentile":287},"2025-11-18",0.00071,0.17706,{"date":289,"score":286,"percentile":290},"2025-11-19",0.17728,{"date":292,"score":286,"percentile":293},"2025-11-20",0.17702,{"date":295,"score":244,"percentile":296},"2025-11-21",0.13903,{"date":298,"score":244,"percentile":299},"2025-11-22",0.13896,{"date":301,"score":244,"percentile":302},"2025-11-23",0.13881,{"date":304,"score":244,"percentile":305},"2025-11-24",0.13844,{"date":307,"score":244,"percentile":308},"2025-11-25",0.13846,{"date":310,"score":244,"percentile":305},"2025-11-26",{"date":312,"score":244,"percentile":313},"2025-11-27",0.13843,{"date":315,"score":244,"percentile":316},"2025-11-28",0.13823,{"date":318,"score":196,"percentile":319},"2025-11-29",0.03814,{"date":321,"score":196,"percentile":322},"2025-11-30",0.03827,{"date":324,"score":196,"percentile":325},"2025-12-01",0.03925,{"date":327,"score":196,"percentile":328},"2025-12-02",0.03943,{"date":330,"score":196,"percentile":331},"2025-12-03",0.03956,{"date":333,"score":196,"percentile":334},"2025-12-04",0.03896,{"date":336,"score":196,"percentile":337},"2025-12-05",0.03959,{"date":339,"score":196,"percentile":340},"2025-12-06",0.03974,{"date":342,"score":196,"percentile":343},"2025-12-07",0.03977,{"date":345,"score":196,"percentile":346},"2025-12-08",0.03987,{"date":348,"score":196,"percentile":349},"2025-12-09",0.0404,{"date":351,"score":196,"percentile":352},"2025-12-10",0.04078,{"date":354,"score":196,"percentile":355},"2025-12-11",0.04071,{"date":357,"score":196,"percentile":358},"2025-12-12",0.04083,{"date":360,"score":196,"percentile":361},"2025-12-13",0.04109,{"date":363,"score":196,"percentile":364},"2025-12-14",0.04094,{"date":366,"score":196,"percentile":367},"2025-12-15",0.04046,{"date":369,"score":196,"percentile":370},"2025-12-16",0.04059,{"date":372,"score":196,"percentile":373},"2025-12-17",0.04112,{"date":375,"score":196,"percentile":376},"2025-12-18",0.04144,{"date":378,"score":196,"percentile":379},"2025-12-19",0.04124,{"date":381,"score":196,"percentile":379},"2025-12-20",{"date":383,"score":196,"percentile":384},"2025-12-21",0.04151,{"date":386,"score":196,"percentile":387},"2025-12-22",0.04097,{"date":389,"score":196,"percentile":390},"2025-12-23",0.04106,{"date":392,"score":196,"percentile":379},"2025-12-24",{"date":394,"score":196,"percentile":395},"2025-12-25",0.04169,{"date":397,"score":196,"percentile":398},"2025-12-26",0.04168,{"date":400,"score":401,"percentile":402},"2025-12-27",0.0002,0.0475,{"date":404,"score":196,"percentile":405},"2025-12-28",0.04171,{"date":407,"score":196,"percentile":408},"2025-12-29",0.04163,{"date":410,"score":196,"percentile":411},"2025-12-30",0.04099,{"date":413,"score":196,"percentile":414},"2025-12-31",0.04121,{"date":416,"score":196,"percentile":417},"2026-01-01",0.04207,{"date":419,"score":196,"percentile":420},"2026-01-02",0.04209,{"date":422,"score":196,"percentile":423},"2026-01-03",0.04196,{"date":425,"score":196,"percentile":426},"2026-01-04",0.04086,{"date":428,"score":196,"percentile":429},"2026-01-05",0.04042,{"date":431,"score":196,"percentile":432},"2026-01-06",0.04043,{"date":434,"score":196,"percentile":435},"2026-01-07",0.04062,{"date":437,"score":196,"percentile":438},"2026-01-08",0.04096,{"date":440,"score":196,"percentile":441},"2026-01-09",0.04102,{"date":443,"score":196,"percentile":444},"2026-01-10",0.04114,{"date":446,"score":196,"percentile":447},"2026-01-11",0.04093,{"date":449,"score":196,"percentile":450},"2026-01-12",0.04091,{"date":452,"score":196,"percentile":358},"2026-01-13",{"date":454,"score":196,"percentile":455},"2026-01-14",0.04126,{"date":457,"score":196,"percentile":458},"2026-01-15",0.04053,{"date":460,"score":196,"percentile":461},"2026-01-16",0.04024,{"date":463,"score":196,"percentile":461},"2026-01-17",{"date":465,"score":196,"percentile":466},"2026-01-18",0.03999,{"date":468,"score":196,"percentile":469},"2026-01-19",0.03949,{"date":471,"score":196,"percentile":472},"2026-01-20",0.0391,{"date":474,"score":196,"percentile":475},"2026-01-21",0.03897,{"date":477,"score":196,"percentile":478},"2026-01-22",0.03901,{"date":480,"score":196,"percentile":481},"2026-01-23",0.03952,{"date":483,"score":196,"percentile":484},"2026-01-24",0.03993,{"date":486,"score":196,"percentile":487},"2026-01-25",0.0398,{"date":489,"score":196,"percentile":490},"2026-01-26",0.03969,{"date":492,"score":196,"percentile":481},"2026-01-27",{"date":494,"score":196,"percentile":495},"2026-01-28",0.03933,{"date":497,"score":196,"percentile":469},"2026-01-29",{"date":499,"score":196,"percentile":500},"2026-01-30",0.0395,{"date":502,"score":196,"percentile":503},"2026-01-31",0.03935,{"date":505,"score":196,"percentile":429},"2026-02-01",[507],{"source":200,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":508,"cvss_v4_0":9},{"baseScore":198,"baseSeverity":509,"vectorString":201,"impactScore":510,"exploitabilityScore":511},"HIGH",9.8,4.6,[513,542],{"ecosystem":9,"name":514,"vendor":515,"product":515,"cpe_part":516,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":517},"Linux","linux","a",[518,525,528,531,534,537,540],{"version":519,"is_range":520,"range_type":206,"version_start":521,"version_start_type":522,"version_end":523,"version_end_type":524,"fixed_in":9},">= 35cf94a397280b9e27576ac1480f631bdd3e7b70, \u003C 8f14a476abba13144df5434871a7225fd29af633",true,"35cf94a397280b9e27576ac1480f631bdd3e7b70","including","8f14a476abba13144df5434871a7225fd29af633","excluding",{"version":526,"is_range":520,"range_type":206,"version_start":521,"version_start_type":522,"version_end":527,"version_end_type":524,"fixed_in":9},">= 35cf94a397280b9e27576ac1480f631bdd3e7b70, \u003C ef51c0d544b1518b35364480317ab6d3468f205d","ef51c0d544b1518b35364480317ab6d3468f205d",{"version":529,"is_range":520,"range_type":206,"version_start":521,"version_start_type":522,"version_end":530,"version_end_type":524,"fixed_in":9},">= 35cf94a397280b9e27576ac1480f631bdd3e7b70, \u003C bce966530fd5542bbb422cb45ecb775f7a1a6bc3","bce966530fd5542bbb422cb45ecb775f7a1a6bc3",{"version":532,"is_range":520,"range_type":206,"version_start":521,"version_start_type":522,"version_end":533,"version_end_type":524,"fixed_in":9},">= 35cf94a397280b9e27576ac1480f631bdd3e7b70, \u003C 0809fb86ad13b29e1d6d491364fc7ea4fb545995","0809fb86ad13b29e1d6d491364fc7ea4fb545995",{"version":535,"is_range":520,"range_type":206,"version_start":521,"version_start_type":522,"version_end":536,"version_end_type":524,"fixed_in":9},">= 35cf94a397280b9e27576ac1480f631bdd3e7b70, \u003C 538c26d9bf70c90edc460d18c81008a4e555925a","538c26d9bf70c90edc460d18c81008a4e555925a",{"version":538,"is_range":520,"range_type":206,"version_start":521,"version_start_type":522,"version_end":539,"version_end_type":524,"fixed_in":9},">= 35cf94a397280b9e27576ac1480f631bdd3e7b70, \u003C b0abcd65ec545701b8793e12bc27dc98042b151a","b0abcd65ec545701b8793e12bc27dc98042b151a",{"version":541,"is_range":194,"range_type":206,"version_start":541,"version_start_type":522,"version_end":541,"version_end_type":522,"fixed_in":9},"5.4",{"ecosystem":9,"name":543,"vendor":515,"product":544,"cpe_part":545,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":546},"linux kernel","linux_kernel","o",[547,551],{"version":548,"is_range":520,"range_type":549,"version_start":9,"version_start_type":9,"version_end":550,"version_end_type":524,"fixed_in":9},"lt6.6.57","cpe","6.6.57",{"version":552,"is_range":520,"range_type":549,"version_start":553,"version_start_type":522,"version_end":554,"version_end_type":524,"fixed_in":9},"gte6.7_lt6.11.4","6.7","6.11.4"]