[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-56672":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":104,"related":105,"reserved_at":9,"published_at":120,"modified_at":121,"state":122,"summary":123,"references_raw":132,"kevs":171,"epss":172,"epss_history":175,"metrics":445,"affected":455},"CVE-2024-56672","In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix UAF in blkcg_unpin_online()\n\nblkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To\nwalk up, it uses blkcg_parent(blkcg) but it was calling that after\nblkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to the\nfollowing UAF:\n\n  ==================================================================\n  BUG: KASAN: slab-use-after-free in blkcg_unpin_online+0x15a/0x270\n  Read of size 8 at addr ffff8881057678c0 by task kworker/9:1/117\n\n  CPU: 9 UID: 0 PID: 117 Comm: kworker/9:1 Not tainted 6.13.0-rc1-work-00182-gb8f52214c61a-dirty #48\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 02/02/2022\n  Workqueue: cgwb_release cgwb_release_workfn\n  Call Trace:\n   \u003CTASK>\n   dump_stack_lvl+0x27/0x80\n   print_report+0x151/0x710\n   kasan_report+0xc0/0x100\n   blkcg_unpin_online+0x15a/0x270\n   cgwb_release_workfn+0x194/0x480\n   process_scheduled_works+0x71b/0xe20\n   worker_thread+0x82a/0xbd0\n   kthread+0x242/0x2c0\n   ret_from_fork+0x33/0x70\n   ret_from_fork_asm+0x1a/0x30\n   \u003C/TASK>\n  ...\n  Freed by task 1944:\n   kasan_save_track+0x2b/0x70\n   kasan_save_free_info+0x3c/0x50\n   __kasan_slab_free+0x33/0x50\n   kfree+0x10c/0x330\n   css_free_rwork_fn+0xe6/0xb30\n   process_scheduled_works+0x71b/0xe20\n   worker_thread+0x82a/0xbd0\n   kthread+0x242/0x2c0\n   ret_from_fork+0x33/0x70\n   ret_from_fork_asm+0x1a/0x30\n\nNote that the UAF is not easy to trigger as the free path is indirected\nbehind a couple RCU grace periods and a work item execution. I could only\ntrigger it with artifical msleep() injected in blkcg_unpin_online().\n\nFix it by reading the parent pointer before destroying the blkcg's blkg's.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102],{"_key":25},"SUSE-SU-2025:0289-1",{"_key":27},"SUSE-SU-2025:0428-1",{"_key":29},"SUSE-SU-2025:0499-1",{"_key":31},"SUSE-SU-2025:0557-1",{"_key":33},"DLA-4075-1",{"_key":35},"DLA-4076-1",{"_key":37},"SUSE-SU-2025:20165-1",{"_key":39},"SUSE-SU-2025:20166-1",{"_key":41},"SUSE-SU-2025:20248-1",{"_key":43},"SUSE-SU-2025:20249-1",{"_key":45},"MGASA-2025-0030",{"_key":47},"MGASA-2025-0032",{"_key":49},"DEBIAN-CVE-2024-56672",{"_key":51},"RHSA-2025:20518",{"_key":53},"LSN-0110-1",{"_key":55},"LSN-0111-1",{"_key":57},"UBUNTU-CVE-2024-56672",{"_key":59},"USN-7322-1",{"_key":61},"USN-7323-1",{"_key":63},"USN-7327-1",{"_key":65},"USN-7328-1",{"_key":67},"USN-7328-2",{"_key":69},"USN-7328-3",{"_key":71},"USN-7402-1",{"_key":73},"USN-7402-2",{"_key":75},"USN-7402-3",{"_key":77},"USN-7402-4",{"_key":79},"USN-7402-5",{"_key":81},"USN-7329-1",{"_key":83},"USN-7331-1",{"_key":85},"USN-7381-1",{"_key":87},"USN-7388-1",{"_key":89},"USN-7389-1",{"_key":91},"USN-7390-1",{"_key":93},"USN-7403-1",{"_key":95},"USN-7451-1",{"_key":97},"USN-7458-1",{"_key":99},"USN-7468-1",{"_key":101},"USN-7523-1",{"_key":103},"USN-7524-1",[],[106,107,109,111,112,113,114,115,116,117,118,119],{"_key":25},{"_key":108},"USN-7323-2",{"_key":110},"USN-7380-1",{"_key":27},{"_key":29},{"_key":31},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},"2024-12-27T15:06:33.358Z","2026-05-12T12:01:24.932Z","Modified",{"cisa_kev":124,"cisa_ransomware":124,"cisa_vendor":9,"epss_severity":125,"epss_score":126,"severity":127,"severity_score":128,"severity_version":129,"severity_source":130,"severity_vector":131,"severity_status":122},false,"low",0.00028,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[133,138,142,147,151,155,159,163,167],{"url":134,"sources":135,"tags":137},"https://git.kernel.org/stable/c/83f5a87ee8caa76a917f59912a74d6811f773c67",[130,136],"nvd",[],{"url":139,"sources":140,"tags":141},"https://git.kernel.org/stable/c/8a07350fe070017a887433f4d6909433955be5f1",[130,136],[],{"url":143,"sources":144,"tags":145},"https://git.kernel.org/stable/c/64afc6fe24c9896c0153e5a199bcea241ecb0d5c",[130,136],[146],"Patch",{"url":148,"sources":149,"tags":150},"https://git.kernel.org/stable/c/5baa28569c924d9a90d036c2aaab79f791fedaf8",[130,136],[146],{"url":152,"sources":153,"tags":154},"https://git.kernel.org/stable/c/29d1e06560f0f6179062ac638b4064deb637d1ad",[130,136],[146],{"url":156,"sources":157,"tags":158},"https://git.kernel.org/stable/c/86e6ca55b83c575ab0f2e105cf08f98e58d3d7af",[130,136],[146],{"url":160,"sources":161,"tags":162},"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html",[130,136],[],{"url":164,"sources":165,"tags":166},"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html",[130,136],[],{"url":168,"sources":169,"tags":170},"https://cert-portal.siemens.com/productcert/html/ssa-265688.html",[130,136],[],[],{"date":173,"score":126,"percentile":174},"2026-06-04",0.08319,[176,180,183,186,189,192,195,198,201,204,208,211,214,217,220,224,227,230,233,236,239,242,245,248,251,254,257,260,263,266,269,272,275,278,281,284,287,289,292,295,298,301,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,365,368,371,374,377,380,383,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431,434,437,440,442],{"date":177,"score":178,"percentile":179},"2025-11-04",0.0006,0.1885,{"date":181,"score":178,"percentile":182},"2025-11-05",0.18861,{"date":184,"score":178,"percentile":185},"2025-11-06",0.18867,{"date":187,"score":178,"percentile":188},"2025-11-07",0.18883,{"date":190,"score":178,"percentile":191},"2025-11-08",0.18884,{"date":193,"score":178,"percentile":194},"2025-11-09",0.18859,{"date":196,"score":178,"percentile":197},"2025-11-10",0.18818,{"date":199,"score":178,"percentile":200},"2025-11-11",0.18824,{"date":202,"score":178,"percentile":203},"2025-11-12",0.18865,{"date":205,"score":206,"percentile":207},"2025-11-13",0.00063,0.19635,{"date":209,"score":206,"percentile":210},"2025-11-14",0.1963,{"date":212,"score":178,"percentile":213},"2025-11-15",0.18863,{"date":215,"score":178,"percentile":216},"2025-11-16",0.18821,{"date":218,"score":178,"percentile":219},"2025-11-17",0.18746,{"date":221,"score":222,"percentile":223},"2025-11-18",0.00113,0.25398,{"date":225,"score":222,"percentile":226},"2025-11-19",0.25422,{"date":228,"score":206,"percentile":229},"2025-11-20",0.15297,{"date":231,"score":206,"percentile":232},"2025-11-21",0.19476,{"date":234,"score":206,"percentile":235},"2025-11-22",0.19477,{"date":237,"score":178,"percentile":238},"2025-11-23",0.18717,{"date":240,"score":178,"percentile":241},"2025-11-24",0.18681,{"date":243,"score":178,"percentile":244},"2025-11-25",0.18667,{"date":246,"score":178,"percentile":247},"2025-11-26",0.18658,{"date":249,"score":178,"percentile":250},"2025-11-27",0.1866,{"date":252,"score":178,"percentile":253},"2025-11-28",0.18646,{"date":255,"score":178,"percentile":256},"2025-11-29",0.18633,{"date":258,"score":178,"percentile":259},"2025-11-30",0.18638,{"date":261,"score":178,"percentile":262},"2025-12-01",0.18678,{"date":264,"score":178,"percentile":265},"2025-12-02",0.18687,{"date":267,"score":178,"percentile":268},"2025-12-03",0.18699,{"date":270,"score":178,"percentile":271},"2025-12-04",0.18661,{"date":273,"score":178,"percentile":274},"2025-12-05",0.18714,{"date":276,"score":178,"percentile":277},"2025-12-06",0.18715,{"date":279,"score":178,"percentile":280},"2025-12-07",0.18702,{"date":282,"score":178,"percentile":283},"2025-12-08",0.1872,{"date":285,"score":178,"percentile":286},"2025-12-09",0.18786,{"date":288,"score":178,"percentile":203},"2025-12-10",{"date":290,"score":178,"percentile":291},"2025-12-11",0.18905,{"date":293,"score":178,"percentile":294},"2025-12-12",0.1894,{"date":296,"score":178,"percentile":297},"2025-12-13",0.18952,{"date":299,"score":178,"percentile":300},"2025-12-14",0.18903,{"date":302,"score":178,"percentile":191},"2025-12-15",{"date":304,"score":178,"percentile":305},"2025-12-16",0.18918,{"date":307,"score":178,"percentile":308},"2025-12-17",0.19001,{"date":310,"score":178,"percentile":311},"2025-12-18",0.19082,{"date":313,"score":178,"percentile":314},"2025-12-19",0.19104,{"date":316,"score":178,"percentile":317},"2025-12-20",0.19079,{"date":319,"score":178,"percentile":320},"2025-12-21",0.19034,{"date":322,"score":178,"percentile":323},"2025-12-22",0.18993,{"date":325,"score":178,"percentile":326},"2025-12-23",0.18995,{"date":328,"score":178,"percentile":329},"2025-12-24",0.19033,{"date":331,"score":178,"percentile":332},"2025-12-25",0.19112,{"date":334,"score":178,"percentile":335},"2025-12-26",0.1911,{"date":337,"score":178,"percentile":338},"2025-12-27",0.19106,{"date":340,"score":178,"percentile":341},"2025-12-28",0.19065,{"date":343,"score":178,"percentile":344},"2025-12-29",0.19021,{"date":346,"score":178,"percentile":347},"2025-12-30",0.19024,{"date":349,"score":178,"percentile":350},"2025-12-31",0.19086,{"date":352,"score":178,"percentile":353},"2026-01-01",0.19178,{"date":355,"score":178,"percentile":356},"2026-01-02",0.19179,{"date":358,"score":178,"percentile":359},"2026-01-03",0.19155,{"date":361,"score":178,"percentile":362},"2026-01-04",0.19056,{"date":364,"score":178,"percentile":329},"2026-01-05",{"date":366,"score":178,"percentile":367},"2026-01-06",0.1905,{"date":369,"score":178,"percentile":370},"2026-01-07",0.19081,{"date":372,"score":178,"percentile":373},"2026-01-08",0.19141,{"date":375,"score":178,"percentile":376},"2026-01-09",0.19142,{"date":378,"score":178,"percentile":379},"2026-01-10",0.19152,{"date":381,"score":178,"percentile":382},"2026-01-11",0.19121,{"date":384,"score":178,"percentile":385},"2026-01-12",0.19083,{"date":387,"score":178,"percentile":388},"2026-01-13",0.19059,{"date":390,"score":178,"percentile":391},"2026-01-14",0.19113,{"date":393,"score":178,"percentile":394},"2026-01-15",0.19117,{"date":396,"score":178,"percentile":397},"2026-01-16",0.19143,{"date":399,"score":178,"percentile":400},"2026-01-17",0.19156,{"date":402,"score":178,"percentile":403},"2026-01-18",0.19093,{"date":405,"score":178,"percentile":406},"2026-01-19",0.19032,{"date":408,"score":178,"percentile":409},"2026-01-20",0.19017,{"date":411,"score":178,"percentile":412},"2026-01-21",0.18984,{"date":414,"score":178,"percentile":415},"2026-01-22",0.18923,{"date":417,"score":178,"percentile":418},"2026-01-23",0.19023,{"date":420,"score":178,"percentile":421},"2026-01-24",0.19052,{"date":423,"score":178,"percentile":424},"2026-01-25",0.18978,{"date":426,"score":178,"percentile":427},"2026-01-26",0.18878,{"date":429,"score":178,"percentile":430},"2026-01-27",0.1887,{"date":432,"score":178,"percentile":433},"2026-01-28",0.18873,{"date":435,"score":178,"percentile":436},"2026-01-29",0.18842,{"date":438,"score":178,"percentile":439},"2026-01-30",0.18858,{"date":441,"score":178,"percentile":213},"2026-01-31",{"date":443,"score":178,"percentile":444},"2026-02-01",0.18889,[446,451],{"source":130,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":447,"cvss_v4_0":9},{"baseScore":128,"baseSeverity":448,"vectorString":131,"impactScore":449,"exploitabilityScore":450},"HIGH",9.8,4.6,{"source":136,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":452,"cvss_v4_0":9},{"baseScore":4,"baseSeverity":448,"vectorString":453,"impactScore":449,"exploitabilityScore":454},"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",2.6,[456,485],{"ecosystem":9,"name":457,"vendor":458,"product":458,"cpe_part":459,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":460},"Linux","linux","a",[461,468,471,474,477,480,483],{"version":462,"is_range":463,"range_type":130,"version_start":464,"version_start_type":465,"version_end":466,"version_end_type":467,"fixed_in":9},">= 4308a434e5e08c78676aa66bc626ef78cbef0883, \u003C 83f5a87ee8caa76a917f59912a74d6811f773c67",true,"4308a434e5e08c78676aa66bc626ef78cbef0883","including","83f5a87ee8caa76a917f59912a74d6811f773c67","excluding",{"version":469,"is_range":463,"range_type":130,"version_start":464,"version_start_type":465,"version_end":470,"version_end_type":467,"fixed_in":9},">= 4308a434e5e08c78676aa66bc626ef78cbef0883, \u003C 8a07350fe070017a887433f4d6909433955be5f1","8a07350fe070017a887433f4d6909433955be5f1",{"version":472,"is_range":463,"range_type":130,"version_start":464,"version_start_type":465,"version_end":473,"version_end_type":467,"fixed_in":9},">= 4308a434e5e08c78676aa66bc626ef78cbef0883, \u003C 64afc6fe24c9896c0153e5a199bcea241ecb0d5c","64afc6fe24c9896c0153e5a199bcea241ecb0d5c",{"version":475,"is_range":463,"range_type":130,"version_start":464,"version_start_type":465,"version_end":476,"version_end_type":467,"fixed_in":9},">= 4308a434e5e08c78676aa66bc626ef78cbef0883, \u003C 5baa28569c924d9a90d036c2aaab79f791fedaf8","5baa28569c924d9a90d036c2aaab79f791fedaf8",{"version":478,"is_range":463,"range_type":130,"version_start":464,"version_start_type":465,"version_end":479,"version_end_type":467,"fixed_in":9},">= 4308a434e5e08c78676aa66bc626ef78cbef0883, \u003C 29d1e06560f0f6179062ac638b4064deb637d1ad","29d1e06560f0f6179062ac638b4064deb637d1ad",{"version":481,"is_range":463,"range_type":130,"version_start":464,"version_start_type":465,"version_end":482,"version_end_type":467,"fixed_in":9},">= 4308a434e5e08c78676aa66bc626ef78cbef0883, \u003C 86e6ca55b83c575ab0f2e105cf08f98e58d3d7af","86e6ca55b83c575ab0f2e105cf08f98e58d3d7af",{"version":484,"is_range":124,"range_type":130,"version_start":484,"version_start_type":465,"version_end":484,"version_end_type":465,"fixed_in":9},"5.7",{"ecosystem":9,"name":486,"vendor":458,"product":487,"cpe_part":488,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":489},"linux kernel","linux_kernel","o",[490,494,498,502,504],{"version":491,"is_range":463,"range_type":492,"version_start":484,"version_start_type":465,"version_end":493,"version_end_type":467,"fixed_in":9},"gte5.7_lt6.1.121","cpe","6.1.121",{"version":495,"is_range":463,"range_type":492,"version_start":496,"version_start_type":465,"version_end":497,"version_end_type":467,"fixed_in":9},"gte6.2_lt6.6.67","6.2","6.6.67",{"version":499,"is_range":463,"range_type":492,"version_start":500,"version_start_type":465,"version_end":501,"version_end_type":467,"fixed_in":9},"gte6.7_lt6.12.6","6.7","6.12.6",{"version":503,"is_range":124,"range_type":492,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.13:rc1",{"version":505,"is_range":124,"range_type":492,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.13:rc2"]