[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-50110":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":116,"related":117,"reserved_at":9,"published_at":137,"modified_at":138,"state":139,"summary":140,"references_raw":149,"kevs":176,"epss":177,"epss_history":180,"metrics":437,"affected":445},"CVE-2024-50110","In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: fix one more kernel-infoleak in algo dumping\n\nDuring fuzz testing, the following issue was discovered:\n\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x598/0x2a30\n _copy_to_iter+0x598/0x2a30\n __skb_datagram_iter+0x168/0x1060\n skb_copy_datagram_iter+0x5b/0x220\n netlink_recvmsg+0x362/0x1700\n sock_recvmsg+0x2dc/0x390\n __sys_recvfrom+0x381/0x6d0\n __x64_sys_recvfrom+0x130/0x200\n x64_sys_call+0x32c8/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nUninit was stored to memory at:\n copy_to_user_state_extra+0xcc1/0x1e00\n dump_one_state+0x28c/0x5f0\n xfrm_state_walk+0x548/0x11e0\n xfrm_dump_sa+0x1e0/0x840\n netlink_dump+0x943/0x1c40\n __netlink_dump_start+0x746/0xdb0\n xfrm_user_rcv_msg+0x429/0xc00\n netlink_rcv_skb+0x613/0x780\n xfrm_netlink_rcv+0x77/0xc0\n netlink_unicast+0xe90/0x1280\n netlink_sendmsg+0x126d/0x1490\n __sock_sendmsg+0x332/0x3d0\n ____sys_sendmsg+0x863/0xc30\n ___sys_sendmsg+0x285/0x3e0\n __x64_sys_sendmsg+0x2d6/0x560\n x64_sys_call+0x1316/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nUninit was created at:\n __kmalloc+0x571/0xd30\n attach_auth+0x106/0x3e0\n xfrm_add_sa+0x2aa0/0x4230\n xfrm_user_rcv_msg+0x832/0xc00\n netlink_rcv_skb+0x613/0x780\n xfrm_netlink_rcv+0x77/0xc0\n netlink_unicast+0xe90/0x1280\n netlink_sendmsg+0x126d/0x1490\n __sock_sendmsg+0x332/0x3d0\n ____sys_sendmsg+0x863/0xc30\n ___sys_sendmsg+0x285/0x3e0\n __x64_sys_sendmsg+0x2d6/0x560\n x64_sys_call+0x1316/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nBytes 328-379 of 732 are uninitialized\nMemory access of size 732 starts at ffff88800e18e000\nData copied to user address 00007ff30f48aff0\n\nCPU: 2 PID: 18167 Comm: syz-executor.0 Not tainted 6.8.11 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n\nFixes copying of xfrm algorithms where some random\ndata of the structure fields can end up in userspace.\nPadding in structures may be filled with random (possibly sensitve)\ndata and should never be given directly to user-space.\n\nA similar issue was resolved in the commit\n8222d5910dae (\"xfrm: Zero padding when dumping algos and encap\")\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-908","Use of Uninitialized Resource","The product uses or accesses a resource that has not been initialized.","weakness","Incomplete","Base","Medium",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114],{"_key":25},"SUSE-SU-2024:4364-1",{"_key":27},"SUSE-SU-2024:4387-1",{"_key":29},"SUSE-SU-2024:4314-1",{"_key":31},"SUSE-SU-2024:4315-1",{"_key":33},"SUSE-SU-2024:4316-1",{"_key":35},"SUSE-SU-2024:4318-1",{"_key":37},"SUSE-SU-2024:4376-1",{"_key":39},"OPENSUSE-SU-2024:14500-1",{"_key":41},"OPENSUSE-SU-2025:14705-1",{"_key":43},"DLA-4008-1",{"_key":45},"RHSA-2024:10943",{"_key":47},"RHSA-2024:10944",{"_key":49},"SUSE-SU-2025:20163-1",{"_key":51},"SUSE-SU-2025:20164-1",{"_key":53},"SUSE-SU-2025:20246-1",{"_key":55},"SUSE-SU-2025:20247-1",{"_key":57},"MGASA-2024-0368",{"_key":59},"MGASA-2024-0369",{"_key":61},"DEBIAN-CVE-2024-50110",{"_key":63},"RHSA-2024:11486",{"_key":65},"RHSA-2025:1658",{"_key":67},"UBUNTU-CVE-2024-50110",{"_key":69},"USN-7288-1",{"_key":71},"USN-7288-2",{"_key":73},"USN-7289-1",{"_key":75},"USN-7289-2",{"_key":77},"USN-7289-3",{"_key":79},"USN-7289-4",{"_key":81},"USN-7291-1",{"_key":83},"USN-7305-1",{"_key":85},"USN-7308-1",{"_key":87},"USN-7310-1",{"_key":89},"USN-7331-1",{"_key":91},"USN-7388-1",{"_key":93},"USN-7389-1",{"_key":95},"USN-7390-1",{"_key":97},"USN-7449-1",{"_key":99},"USN-7449-2",{"_key":101},"USN-7450-1",{"_key":103},"USN-7451-1",{"_key":105},"USN-7452-1",{"_key":107},"USN-7453-1",{"_key":109},"USN-7458-1",{"_key":111},"USN-7468-1",{"_key":113},"USN-7523-1",{"_key":115},"USN-7524-1",[],[118,119,120,122,124,125,126,127,128,129,130,131,132,133,134,135,136],{"_key":25},{"_key":27},{"_key":121},"USN-7276-1",{"_key":123},"USN-7277-1",{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},"2024-11-05T17:10:43.325Z","2026-05-11T20:45:36.880Z","Modified",{"cisa_kev":141,"cisa_ransomware":141,"cisa_vendor":9,"epss_severity":142,"epss_score":143,"severity":144,"severity_score":145,"severity_version":146,"severity_source":147,"severity_vector":148,"severity_status":139},false,"low",0.00008,"medium",5.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",[150,156,160,164,168,172],{"url":151,"sources":152,"tags":154},"https://git.kernel.org/stable/c/610d4cea9b442b22b4820695fc3335e64849725e",[147,153],"nvd",[155],"Patch",{"url":157,"sources":158,"tags":159},"https://git.kernel.org/stable/c/dc2ad8e8818e4bf1a93db78d81745b4877b32972",[147,153],[155],{"url":161,"sources":162,"tags":163},"https://git.kernel.org/stable/c/c73bca72b84b453c8d26a5e7673b20adb294bf54",[147,153],[155],{"url":165,"sources":166,"tags":167},"https://git.kernel.org/stable/c/1e8fbd2441cb2ea28d6825f2985bf7d84af060bb",[147,153],[155],{"url":169,"sources":170,"tags":171},"https://git.kernel.org/stable/c/6889cd2a93e1e3606b3f6e958aa0924e836de4d2",[147,153],[155],{"url":173,"sources":174,"tags":175},"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",[147,153],[],[],{"date":178,"score":143,"percentile":179},"2026-06-03",0.00857,[181,185,188,191,194,197,200,203,206,209,211,213,216,219,222,226,229,232,234,237,240,243,246,249,252,255,258,261,264,267,270,273,277,280,283,286,289,292,295,298,301,305,308,311,314,317,321,323,326,328,330,333,336,339,342,344,347,350,353,355,358,361,364,366,369,371,373,376,379,381,384,387,390,392,395,397,400,402,404,406,408,411,414,416,419,422,425,428,431,434],{"date":182,"score":183,"percentile":184},"2025-11-04",0.00045,0.13413,{"date":186,"score":183,"percentile":187},"2025-11-05",0.1344,{"date":189,"score":183,"percentile":190},"2025-11-06",0.13528,{"date":192,"score":183,"percentile":193},"2025-11-07",0.13539,{"date":195,"score":183,"percentile":196},"2025-11-08",0.13544,{"date":198,"score":183,"percentile":199},"2025-11-09",0.13513,{"date":201,"score":183,"percentile":202},"2025-11-10",0.1348,{"date":204,"score":183,"percentile":205},"2025-11-11",0.13498,{"date":207,"score":183,"percentile":208},"2025-11-12",0.13486,{"date":210,"score":183,"percentile":199},"2025-11-13",{"date":212,"score":183,"percentile":193},"2025-11-14",{"date":214,"score":183,"percentile":215},"2025-11-15",0.13518,{"date":217,"score":183,"percentile":218},"2025-11-16",0.13515,{"date":220,"score":183,"percentile":221},"2025-11-17",0.1349,{"date":223,"score":224,"percentile":225},"2025-11-18",0.00067,0.1651,{"date":227,"score":224,"percentile":228},"2025-11-19",0.16521,{"date":230,"score":224,"percentile":231},"2025-11-20",0.16494,{"date":233,"score":183,"percentile":199},"2025-11-21",{"date":235,"score":183,"percentile":236},"2025-11-22",0.13505,{"date":238,"score":183,"percentile":239},"2025-11-23",0.13485,{"date":241,"score":183,"percentile":242},"2025-11-24",0.13446,{"date":244,"score":183,"percentile":245},"2025-11-25",0.13447,{"date":247,"score":183,"percentile":248},"2025-11-26",0.13442,{"date":250,"score":183,"percentile":251},"2025-11-27",0.13441,{"date":253,"score":183,"percentile":254},"2025-11-28",0.1342,{"date":256,"score":183,"percentile":257},"2025-11-29",0.13393,{"date":259,"score":183,"percentile":260},"2025-11-30",0.134,{"date":262,"score":183,"percentile":263},"2025-12-01",0.13439,{"date":265,"score":183,"percentile":266},"2025-12-02",0.13458,{"date":268,"score":183,"percentile":269},"2025-12-03",0.13478,{"date":271,"score":183,"percentile":272},"2025-12-04",0.13449,{"date":274,"score":275,"percentile":276},"2025-12-05",0.00052,0.16186,{"date":278,"score":275,"percentile":279},"2025-12-06",0.16195,{"date":281,"score":275,"percentile":282},"2025-12-07",0.16176,{"date":284,"score":275,"percentile":285},"2025-12-08",0.16189,{"date":287,"score":275,"percentile":288},"2025-12-09",0.16244,{"date":290,"score":275,"percentile":291},"2025-12-10",0.16304,{"date":293,"score":275,"percentile":294},"2025-12-11",0.16345,{"date":296,"score":275,"percentile":297},"2025-12-12",0.16394,{"date":299,"score":275,"percentile":300},"2025-12-13",0.16393,{"date":302,"score":303,"percentile":304},"2025-12-14",0.00011,0.00999,{"date":306,"score":303,"percentile":307},"2025-12-15",0.00997,{"date":309,"score":303,"percentile":310},"2025-12-16",0.01,{"date":312,"score":303,"percentile":313},"2025-12-17",0.01003,{"date":315,"score":303,"percentile":316},"2025-12-18",0.00995,{"date":318,"score":319,"percentile":320},"2025-12-19",0.00009,0.00718,{"date":322,"score":319,"percentile":320},"2025-12-20",{"date":324,"score":319,"percentile":325},"2025-12-21",0.00714,{"date":327,"score":319,"percentile":320},"2025-12-22",{"date":329,"score":319,"percentile":320},"2025-12-23",{"date":331,"score":319,"percentile":332},"2025-12-24",0.00721,{"date":334,"score":319,"percentile":335},"2025-12-25",0.00723,{"date":337,"score":319,"percentile":338},"2025-12-26",0.00727,{"date":340,"score":319,"percentile":341},"2025-12-27",0.00725,{"date":343,"score":319,"percentile":341},"2025-12-28",{"date":345,"score":319,"percentile":346},"2025-12-29",0.00722,{"date":348,"score":319,"percentile":349},"2025-12-30",0.00719,{"date":351,"score":319,"percentile":352},"2025-12-31",0.00715,{"date":354,"score":319,"percentile":349},"2026-01-01",{"date":356,"score":319,"percentile":357},"2026-01-02",0.00724,{"date":359,"score":319,"percentile":360},"2026-01-03",0.00726,{"date":362,"score":319,"percentile":363},"2026-01-04",0.00717,{"date":365,"score":319,"percentile":346},"2026-01-05",{"date":367,"score":319,"percentile":368},"2026-01-06",0.0072,{"date":370,"score":319,"percentile":363},"2026-01-07",{"date":372,"score":319,"percentile":346},"2026-01-08",{"date":374,"score":319,"percentile":375},"2026-01-09",0.0073,{"date":377,"score":319,"percentile":378},"2026-01-10",0.00733,{"date":380,"score":319,"percentile":378},"2026-01-11",{"date":382,"score":319,"percentile":383},"2026-01-12",0.00731,{"date":385,"score":319,"percentile":386},"2026-01-13",0.00729,{"date":388,"score":319,"percentile":389},"2026-01-14",0.00728,{"date":391,"score":319,"percentile":383},"2026-01-15",{"date":393,"score":319,"percentile":394},"2026-01-16",0.00732,{"date":396,"score":319,"percentile":394},"2026-01-17",{"date":398,"score":319,"percentile":399},"2026-01-18",0.00734,{"date":401,"score":319,"percentile":394},"2026-01-19",{"date":403,"score":319,"percentile":389},"2026-01-20",{"date":405,"score":319,"percentile":360},"2026-01-21",{"date":407,"score":319,"percentile":389},"2026-01-22",{"date":409,"score":319,"percentile":410},"2026-01-23",0.00737,{"date":412,"score":319,"percentile":413},"2026-01-24",0.00743,{"date":415,"score":319,"percentile":413},"2026-01-25",{"date":417,"score":143,"percentile":418},"2026-01-26",0.00592,{"date":420,"score":143,"percentile":421},"2026-01-27",0.00597,{"date":423,"score":143,"percentile":424},"2026-01-28",0.00598,{"date":426,"score":143,"percentile":427},"2026-01-29",0.00602,{"date":429,"score":143,"percentile":430},"2026-01-30",0.00613,{"date":432,"score":143,"percentile":433},"2026-01-31",0.00617,{"date":435,"score":143,"percentile":436},"2026-02-01",0.00622,[438,443],{"source":147,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":439,"cvss_v4_0":9},{"baseScore":145,"baseSeverity":440,"vectorString":148,"impactScore":441,"exploitabilityScore":442},"MEDIUM",6,4.6,{"source":153,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":444,"cvss_v4_0":9},{"baseScore":145,"baseSeverity":440,"vectorString":148,"impactScore":441,"exploitabilityScore":442},[446,472],{"ecosystem":9,"name":447,"vendor":448,"product":448,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":450},"Linux","linux","a",[451,458,461,464,467,470],{"version":452,"is_range":453,"range_type":147,"version_start":454,"version_start_type":455,"version_end":456,"version_end_type":457,"fixed_in":9},">= c7a5899eb26e2a4d516d53f65b6dd67be2228041, \u003C 610d4cea9b442b22b4820695fc3335e64849725e",true,"c7a5899eb26e2a4d516d53f65b6dd67be2228041","including","610d4cea9b442b22b4820695fc3335e64849725e","excluding",{"version":459,"is_range":453,"range_type":147,"version_start":454,"version_start_type":455,"version_end":460,"version_end_type":457,"fixed_in":9},">= c7a5899eb26e2a4d516d53f65b6dd67be2228041, \u003C dc2ad8e8818e4bf1a93db78d81745b4877b32972","dc2ad8e8818e4bf1a93db78d81745b4877b32972",{"version":462,"is_range":453,"range_type":147,"version_start":454,"version_start_type":455,"version_end":463,"version_end_type":457,"fixed_in":9},">= c7a5899eb26e2a4d516d53f65b6dd67be2228041, \u003C c73bca72b84b453c8d26a5e7673b20adb294bf54","c73bca72b84b453c8d26a5e7673b20adb294bf54",{"version":465,"is_range":453,"range_type":147,"version_start":454,"version_start_type":455,"version_end":466,"version_end_type":457,"fixed_in":9},">= c7a5899eb26e2a4d516d53f65b6dd67be2228041, \u003C 1e8fbd2441cb2ea28d6825f2985bf7d84af060bb","1e8fbd2441cb2ea28d6825f2985bf7d84af060bb",{"version":468,"is_range":453,"range_type":147,"version_start":454,"version_start_type":455,"version_end":469,"version_end_type":457,"fixed_in":9},">= c7a5899eb26e2a4d516d53f65b6dd67be2228041, \u003C 6889cd2a93e1e3606b3f6e958aa0924e836de4d2","6889cd2a93e1e3606b3f6e958aa0924e836de4d2",{"version":471,"is_range":141,"range_type":147,"version_start":471,"version_start_type":455,"version_end":471,"version_end_type":455,"fixed_in":9},"5.11",{"ecosystem":9,"name":473,"vendor":448,"product":474,"cpe_part":475,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":476},"linux kernel","linux_kernel","o",[477,481,485,489,493,495,497,499],{"version":478,"is_range":453,"range_type":479,"version_start":471,"version_start_type":455,"version_end":480,"version_end_type":457,"fixed_in":9},"gte5.11_lt5.15.170","cpe","5.15.170",{"version":482,"is_range":453,"range_type":479,"version_start":483,"version_start_type":455,"version_end":484,"version_end_type":457,"fixed_in":9},"gte5.16_lt6.1.115","5.16","6.1.115",{"version":486,"is_range":453,"range_type":479,"version_start":487,"version_start_type":455,"version_end":488,"version_end_type":457,"fixed_in":9},"gte6.2_lt6.6.59","6.2","6.6.59",{"version":490,"is_range":453,"range_type":479,"version_start":491,"version_start_type":455,"version_end":492,"version_end_type":457,"fixed_in":9},"gte6.7_lt6.11.6","6.7","6.11.6",{"version":494,"is_range":141,"range_type":479,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.12:rc1",{"version":496,"is_range":141,"range_type":479,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.12:rc2",{"version":498,"is_range":141,"range_type":479,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.12:rc3",{"version":500,"is_range":141,"range_type":479,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.12:rc4"]