[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-53166":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":142,"related":143,"reserved_at":9,"published_at":192,"modified_at":193,"state":194,"summary":195,"references_raw":204,"kevs":235,"epss":236,"epss_history":239,"metrics":511,"affected":519},"CVE-2024-53166","In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix bfqq uaf in bfq_limit_depth()\n\nSet new allocated bfqq to bic or remove freed bfqq from bic are both\nprotected by bfqd->lock, however bfq_limit_depth() is deferencing bfqq\nfrom bic without the lock, this can lead to UAF if the io_context is\nshared by multiple tasks.\n\nFor example, test bfq with io_uring can trigger following UAF in v6.6:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in bfqq_group+0x15/0x50\n\nCall Trace:\n \u003CTASK>\n dump_stack_lvl+0x47/0x80\n print_address_description.constprop.0+0x66/0x300\n print_report+0x3e/0x70\n kasan_report+0xb4/0xf0\n bfqq_group+0x15/0x50\n bfqq_request_over_limit+0x130/0x9a0\n bfq_limit_depth+0x1b5/0x480\n __blk_mq_alloc_requests+0x2b5/0xa00\n blk_mq_get_new_requests+0x11d/0x1d0\n blk_mq_submit_bio+0x286/0xb00\n submit_bio_noacct_nocheck+0x331/0x400\n __block_write_full_folio+0x3d0/0x640\n writepage_cb+0x3b/0xc0\n write_cache_pages+0x254/0x6c0\n write_cache_pages+0x254/0x6c0\n do_writepages+0x192/0x310\n filemap_fdatawrite_wbc+0x95/0xc0\n __filemap_fdatawrite_range+0x99/0xd0\n filemap_write_and_wait_range.part.0+0x4d/0xa0\n blkdev_read_iter+0xef/0x1e0\n io_read+0x1b6/0x8a0\n io_issue_sqe+0x87/0x300\n io_wq_submit_work+0xeb/0x390\n io_worker_handle_work+0x24d/0x550\n io_wq_worker+0x27f/0x6c0\n ret_from_fork_asm+0x1b/0x30\n \u003C/TASK>\n\nAllocated by task 808602:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_slab_alloc+0x83/0x90\n kmem_cache_alloc_node+0x1b1/0x6d0\n bfq_get_queue+0x138/0xfa0\n bfq_get_bfqq_handle_split+0xe3/0x2c0\n bfq_init_rq+0x196/0xbb0\n bfq_insert_request.isra.0+0xb5/0x480\n bfq_insert_requests+0x156/0x180\n blk_mq_insert_request+0x15d/0x440\n blk_mq_submit_bio+0x8a4/0xb00\n submit_bio_noacct_nocheck+0x331/0x400\n __blkdev_direct_IO_async+0x2dd/0x330\n blkdev_write_iter+0x39a/0x450\n io_write+0x22a/0x840\n io_issue_sqe+0x87/0x300\n io_wq_submit_work+0xeb/0x390\n io_worker_handle_work+0x24d/0x550\n io_wq_worker+0x27f/0x6c0\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x1b/0x30\n\nFreed by task 808589:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x27/0x40\n __kasan_slab_free+0x126/0x1b0\n kmem_cache_free+0x10c/0x750\n bfq_put_queue+0x2dd/0x770\n __bfq_insert_request.isra.0+0x155/0x7a0\n bfq_insert_request.isra.0+0x122/0x480\n bfq_insert_requests+0x156/0x180\n blk_mq_dispatch_plug_list+0x528/0x7e0\n blk_mq_flush_plug_list.part.0+0xe5/0x590\n __blk_flush_plug+0x3b/0x90\n blk_finish_plug+0x40/0x60\n do_writepages+0x19d/0x310\n filemap_fdatawrite_wbc+0x95/0xc0\n __filemap_fdatawrite_range+0x99/0xd0\n filemap_write_and_wait_range.part.0+0x4d/0xa0\n blkdev_read_iter+0xef/0x1e0\n io_read+0x1b6/0x8a0\n io_issue_sqe+0x87/0x300\n io_wq_submit_work+0xeb/0x390\n io_worker_handle_work+0x24d/0x550\n io_wq_worker+0x27f/0x6c0\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x1b/0x30\n\nFix the problem by protecting bic_to_bfqq() with bfqd->lock.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140],{"_key":25},"SUSE-SU-2025:02387-1",{"_key":27},"SUSE-SU-2025:02388-1",{"_key":29},"SUSE-SU-2025:02400-1",{"_key":31},"SUSE-SU-2025:02401-1",{"_key":33},"SUSE-SU-2025:02403-1",{"_key":35},"SUSE-SU-2025:02410-1",{"_key":37},"SUSE-SU-2025:02411-1",{"_key":39},"SUSE-SU-2025:02412-1",{"_key":41},"SUSE-SU-2025:02445-1",{"_key":43},"SUSE-SU-2025:02449-1",{"_key":45},"SUSE-SU-2025:02455-1",{"_key":47},"SUSE-SU-2025:02459-1",{"_key":49},"SUSE-SU-2025:0289-1",{"_key":51},"SUSE-SU-2025:0555-1",{"_key":53},"SUSE-SU-2025:0556-1",{"_key":55},"SUSE-SU-2025:0576-1",{"_key":57},"SUSE-SU-2025:0577-1",{"_key":59},"SUSE-SU-2025:0577-2",{"_key":61},"SUSE-SU-2025:0117-1",{"_key":63},"SUSE-SU-2025:0153-1",{"_key":65},"SUSE-SU-2025:0154-1",{"_key":67},"DLA-4193-1",{"_key":69},"DSA-5900-1",{"_key":71},"SUSE-SU-2025:02389-1",{"_key":73},"SUSE-SU-2025:02390-1",{"_key":75},"SUSE-SU-2025:02419-1",{"_key":77},"SUSE-SU-2025:02420-1",{"_key":79},"SUSE-SU-2025:02433-1",{"_key":81},"SUSE-SU-2025:02434-1",{"_key":83},"SUSE-SU-2025:02436-1",{"_key":85},"SUSE-SU-2025:02437-1",{"_key":87},"SUSE-SU-2025:02440-1",{"_key":89},"SUSE-SU-2025:20165-1",{"_key":91},"SUSE-SU-2025:20166-1",{"_key":93},"SUSE-SU-2025:20248-1",{"_key":95},"SUSE-SU-2025:20249-1",{"_key":97},"SUSE-SU-2025:20517-1",{"_key":99},"SUSE-SU-2025:20518-1",{"_key":101},"SUSE-SU-2025:20519-1",{"_key":103},"SUSE-SU-2025:20525-1",{"_key":105},"SUSE-SU-2025:20526-1",{"_key":107},"SUSE-SU-2025:20527-1",{"_key":109},"SUSE-SU-2025:20540-1",{"_key":111},"SUSE-SU-2025:20541-1",{"_key":113},"SUSE-SU-2025:20544-1",{"_key":115},"SUSE-SU-2025:20545-1",{"_key":117},"UBUNTU-CVE-2024-53166",{"_key":119},"DEBIAN-CVE-2024-53166",{"_key":121},"RHSA-2025:6966",{"_key":123},"USN-7310-1",{"_key":125},"USN-7449-1",{"_key":127},"USN-7449-2",{"_key":129},"USN-7450-1",{"_key":131},"USN-7451-1",{"_key":133},"USN-7452-1",{"_key":135},"USN-7453-1",{"_key":137},"USN-7468-1",{"_key":139},"USN-7523-1",{"_key":141},"USN-7524-1",[],[144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,164,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":163},"USN-7276-1",{"_key":165},"USN-7277-1",{"_key":61},{"_key":63},{"_key":65},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":95},{"_key":97},{"_key":99},{"_key":101},{"_key":103},{"_key":105},{"_key":107},{"_key":109},{"_key":111},{"_key":113},{"_key":115},"2024-12-27T13:49:12.233Z","2026-05-12T12:01:22.566Z","Modified",{"cisa_kev":196,"cisa_ransomware":196,"cisa_vendor":9,"epss_severity":197,"epss_score":198,"severity":199,"severity_score":200,"severity_version":201,"severity_source":202,"severity_vector":203,"severity_status":194},false,"low",0.00009,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[205,210,215,219,223,227,231],{"url":206,"sources":207,"tags":209},"https://git.kernel.org/stable/c/ada4ca5fd5a9d5212f28164d49a4885951c979c9",[202,208],"nvd",[],{"url":211,"sources":212,"tags":213},"https://git.kernel.org/stable/c/906cdbdd3b018ff69cc830173bce277a847d4fdc",[202,208],[214],"Patch",{"url":216,"sources":217,"tags":218},"https://git.kernel.org/stable/c/dcaa738afde55085ac6056252e319479cf23cde2",[202,208],[214],{"url":220,"sources":221,"tags":222},"https://git.kernel.org/stable/c/01a853faaeaf3379ccf358ade582b1d28752126e",[202,208],[214],{"url":224,"sources":225,"tags":226},"https://git.kernel.org/stable/c/e8b8344de3980709080d86c157d24e7de07d70ad",[202,208],[214],{"url":228,"sources":229,"tags":230},"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html",[202,208],[],{"url":232,"sources":233,"tags":234},"https://cert-portal.siemens.com/productcert/html/ssa-082556.html",[202,208],[],[],{"date":237,"score":198,"percentile":238},"2026-06-03",0.01079,[240,244,247,250,253,256,259,262,265,268,271,274,277,280,283,287,290,293,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431,434,437,440,443,446,449,452,455,458,461,463,466,469,472,475,478,481,484,487,490,493,496,499,502,505,508],{"date":241,"score":242,"percentile":243},"2025-11-04",0.00047,0.14418,{"date":245,"score":242,"percentile":246},"2025-11-05",0.1445,{"date":248,"score":242,"percentile":249},"2025-11-06",0.14546,{"date":251,"score":242,"percentile":252},"2025-11-07",0.14558,{"date":254,"score":242,"percentile":255},"2025-11-08",0.14571,{"date":257,"score":242,"percentile":258},"2025-11-09",0.14548,{"date":260,"score":242,"percentile":261},"2025-11-10",0.14519,{"date":263,"score":242,"percentile":264},"2025-11-11",0.14536,{"date":266,"score":242,"percentile":267},"2025-11-12",0.14577,{"date":269,"score":242,"percentile":270},"2025-11-13",0.14604,{"date":272,"score":242,"percentile":273},"2025-11-14",0.14603,{"date":275,"score":242,"percentile":276},"2025-11-15",0.14564,{"date":278,"score":242,"percentile":279},"2025-11-16",0.14559,{"date":281,"score":242,"percentile":282},"2025-11-17",0.14517,{"date":284,"score":285,"percentile":286},"2025-11-18",0.0009,0.21708,{"date":288,"score":285,"percentile":289},"2025-11-19",0.21719,{"date":291,"score":285,"percentile":292},"2025-11-20",0.21729,{"date":294,"score":242,"percentile":295},"2025-11-21",0.1454,{"date":297,"score":242,"percentile":298},"2025-11-22",0.14524,{"date":300,"score":242,"percentile":301},"2025-11-23",0.14507,{"date":303,"score":242,"percentile":304},"2025-11-24",0.14478,{"date":306,"score":242,"percentile":307},"2025-11-25",0.14473,{"date":309,"score":242,"percentile":310},"2025-11-26",0.14468,{"date":312,"score":242,"percentile":313},"2025-11-27",0.14479,{"date":315,"score":242,"percentile":316},"2025-11-28",0.14459,{"date":318,"score":242,"percentile":319},"2025-11-29",0.14447,{"date":321,"score":242,"percentile":322},"2025-11-30",0.14452,{"date":324,"score":242,"percentile":325},"2025-12-01",0.14485,{"date":327,"score":242,"percentile":328},"2025-12-02",0.14503,{"date":330,"score":242,"percentile":331},"2025-12-03",0.14527,{"date":333,"score":242,"percentile":334},"2025-12-04",0.14504,{"date":336,"score":242,"percentile":337},"2025-12-05",0.14567,{"date":339,"score":242,"percentile":340},"2025-12-06",0.14583,{"date":342,"score":242,"percentile":343},"2025-12-07",0.14563,{"date":345,"score":242,"percentile":346},"2025-12-08",0.14572,{"date":348,"score":242,"percentile":349},"2025-12-09",0.14631,{"date":351,"score":242,"percentile":352},"2025-12-10",0.14704,{"date":354,"score":242,"percentile":355},"2025-12-11",0.14728,{"date":357,"score":242,"percentile":358},"2025-12-12",0.14774,{"date":360,"score":242,"percentile":361},"2025-12-13",0.14782,{"date":363,"score":242,"percentile":364},"2025-12-14",0.14736,{"date":366,"score":242,"percentile":367},"2025-12-15",0.147,{"date":369,"score":242,"percentile":370},"2025-12-16",0.14721,{"date":372,"score":242,"percentile":373},"2025-12-17",0.14817,{"date":375,"score":242,"percentile":376},"2025-12-18",0.14875,{"date":378,"score":242,"percentile":379},"2025-12-19",0.14915,{"date":381,"score":242,"percentile":382},"2025-12-20",0.14888,{"date":384,"score":242,"percentile":385},"2025-12-21",0.14854,{"date":387,"score":242,"percentile":388},"2025-12-22",0.14808,{"date":390,"score":242,"percentile":391},"2025-12-23",0.14809,{"date":393,"score":242,"percentile":394},"2025-12-24",0.14819,{"date":396,"score":242,"percentile":397},"2025-12-25",0.14892,{"date":399,"score":242,"percentile":400},"2025-12-26",0.14887,{"date":402,"score":242,"percentile":403},"2025-12-27",0.14903,{"date":405,"score":242,"percentile":406},"2025-12-28",0.14849,{"date":408,"score":242,"percentile":409},"2025-12-29",0.14786,{"date":411,"score":242,"percentile":412},"2025-12-30",0.14799,{"date":414,"score":242,"percentile":415},"2025-12-31",0.14862,{"date":417,"score":242,"percentile":418},"2026-01-01",0.14951,{"date":420,"score":242,"percentile":421},"2026-01-02",0.14938,{"date":423,"score":242,"percentile":424},"2026-01-03",0.14913,{"date":426,"score":242,"percentile":427},"2026-01-04",0.14834,{"date":429,"score":242,"percentile":430},"2026-01-05",0.14794,{"date":432,"score":242,"percentile":433},"2026-01-06",0.14806,{"date":435,"score":242,"percentile":436},"2026-01-07",0.14843,{"date":438,"score":242,"percentile":439},"2026-01-08",0.14901,{"date":441,"score":242,"percentile":442},"2026-01-09",0.1491,{"date":444,"score":242,"percentile":445},"2026-01-10",0.1493,{"date":447,"score":242,"percentile":448},"2026-01-11",0.14885,{"date":450,"score":242,"percentile":451},"2026-01-12",0.14851,{"date":453,"score":242,"percentile":454},"2026-01-13",0.14837,{"date":456,"score":242,"percentile":457},"2026-01-14",0.14894,{"date":459,"score":242,"percentile":460},"2026-01-15",0.1489,{"date":462,"score":242,"percentile":439},"2026-01-16",{"date":464,"score":242,"percentile":465},"2026-01-17",0.14919,{"date":467,"score":242,"percentile":468},"2026-01-18",0.14857,{"date":470,"score":242,"percentile":471},"2026-01-19",0.14785,{"date":473,"score":242,"percentile":474},"2026-01-20",0.14767,{"date":476,"score":242,"percentile":477},"2026-01-21",0.14759,{"date":479,"score":242,"percentile":480},"2026-01-22",0.14679,{"date":482,"score":242,"percentile":483},"2026-01-23",0.14755,{"date":485,"score":242,"percentile":486},"2026-01-24",0.14789,{"date":488,"score":242,"percentile":489},"2026-01-25",0.1473,{"date":491,"score":242,"percentile":492},"2026-01-26",0.1464,{"date":494,"score":242,"percentile":495},"2026-01-27",0.14636,{"date":497,"score":242,"percentile":498},"2026-01-28",0.14647,{"date":500,"score":242,"percentile":501},"2026-01-29",0.1462,{"date":503,"score":242,"percentile":504},"2026-01-30",0.14616,{"date":506,"score":242,"percentile":507},"2026-01-31",0.14638,{"date":509,"score":242,"percentile":510},"2026-02-01",0.14617,[512,517],{"source":202,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":513,"cvss_v4_0":9},{"baseScore":200,"baseSeverity":514,"vectorString":203,"impactScore":515,"exploitabilityScore":516},"HIGH",9.8,4.6,{"source":208,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":518,"cvss_v4_0":9},{"baseScore":200,"baseSeverity":514,"vectorString":203,"impactScore":515,"exploitabilityScore":516},[520,546],{"ecosystem":9,"name":521,"vendor":522,"product":522,"cpe_part":523,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":524},"Linux","linux","a",[525,532,535,538,541,544],{"version":526,"is_range":527,"range_type":202,"version_start":528,"version_start_type":529,"version_end":530,"version_end_type":531,"fixed_in":9},">= 76f1df88bbc2f984eb0418cc90de0a8384e63604, \u003C ada4ca5fd5a9d5212f28164d49a4885951c979c9",true,"76f1df88bbc2f984eb0418cc90de0a8384e63604","including","ada4ca5fd5a9d5212f28164d49a4885951c979c9","excluding",{"version":533,"is_range":527,"range_type":202,"version_start":528,"version_start_type":529,"version_end":534,"version_end_type":531,"fixed_in":9},">= 76f1df88bbc2f984eb0418cc90de0a8384e63604, \u003C 906cdbdd3b018ff69cc830173bce277a847d4fdc","906cdbdd3b018ff69cc830173bce277a847d4fdc",{"version":536,"is_range":527,"range_type":202,"version_start":528,"version_start_type":529,"version_end":537,"version_end_type":531,"fixed_in":9},">= 76f1df88bbc2f984eb0418cc90de0a8384e63604, \u003C dcaa738afde55085ac6056252e319479cf23cde2","dcaa738afde55085ac6056252e319479cf23cde2",{"version":539,"is_range":527,"range_type":202,"version_start":528,"version_start_type":529,"version_end":540,"version_end_type":531,"fixed_in":9},">= 76f1df88bbc2f984eb0418cc90de0a8384e63604, \u003C 01a853faaeaf3379ccf358ade582b1d28752126e","01a853faaeaf3379ccf358ade582b1d28752126e",{"version":542,"is_range":527,"range_type":202,"version_start":528,"version_start_type":529,"version_end":543,"version_end_type":531,"fixed_in":9},">= 76f1df88bbc2f984eb0418cc90de0a8384e63604, \u003C e8b8344de3980709080d86c157d24e7de07d70ad","e8b8344de3980709080d86c157d24e7de07d70ad",{"version":545,"is_range":196,"range_type":202,"version_start":545,"version_start_type":529,"version_end":545,"version_end_type":529,"fixed_in":9},"5.17",{"ecosystem":9,"name":547,"vendor":522,"product":548,"cpe_part":549,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":550},"linux kernel","linux_kernel","o",[551,555,559],{"version":552,"is_range":527,"range_type":553,"version_start":545,"version_start_type":529,"version_end":554,"version_end_type":531,"fixed_in":9},"gte5.17_lt6.6.64","cpe","6.6.64",{"version":556,"is_range":527,"range_type":553,"version_start":557,"version_start_type":529,"version_end":558,"version_end_type":531,"fixed_in":9},"gte6.7_lt6.11.11","6.7","6.11.11",{"version":560,"is_range":527,"range_type":553,"version_start":561,"version_start_type":529,"version_end":562,"version_end_type":531,"fixed_in":9},"gte6.12_lt6.12.2","6.12","6.12.2"]