CVE-2021-47125 (GCVE-0-2021-47125)

Vulnerability from cvelistv5 – Published: 2024-03-15 20:14 – Updated: 2025-05-04 07:04
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: sch_htb: fix refcount leak in htb_parent_to_leaf_offload The commit ae81feb7338c ("sch_htb: fix null pointer dereference on a null new_q") fixes a NULL pointer dereference bug, but it is not correct. Because htb_graft_helper properly handles the case when new_q is NULL, and after the previous patch by skipping this call which creates an inconsistency : dev_queue->qdisc will still point to the old qdisc, but cl->parent->leaf.q will point to the new one (which will be noop_qdisc, because new_q was NULL). The code is based on an assumption that these two pointers are the same, so it can lead to refcount leaks. The correct fix is to add a NULL pointer check to protect qdisc_refcount_inc inside htb_parent_to_leaf_offload.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: ae81feb7338c89cee4e6aa0424bdab2ce2b52da2 , < 2411c02d03892a5057499f8102d0cc1e0f852416 (git)
Affected: ae81feb7338c89cee4e6aa0424bdab2ce2b52da2 , < 944d671d5faa0d78980a3da5c0f04960ef1ad893 (git)
Create a notification for this product.
    Linux Linux Affected: 5.12
Unaffected: 0 , < 5.12 (semver)
Unaffected: 5.12.10 , ≤ 5.12.* (semver)
Unaffected: 5.13 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47125",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-18T15:30:07.969096Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:48.759Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.885Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_htb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2411c02d03892a5057499f8102d0cc1e0f852416",
              "status": "affected",
              "version": "ae81feb7338c89cee4e6aa0424bdab2ce2b52da2",
              "versionType": "git"
            },
            {
              "lessThan": "944d671d5faa0d78980a3da5c0f04960ef1ad893",
              "status": "affected",
              "version": "ae81feb7338c89cee4e6aa0424bdab2ce2b52da2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/sched/sch_htb.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.10",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: fix refcount leak in htb_parent_to_leaf_offload\n\nThe commit ae81feb7338c (\"sch_htb: fix null pointer dereference\non a null new_q\") fixes a NULL pointer dereference bug, but it\nis not correct.\n\nBecause htb_graft_helper properly handles the case when new_q\nis NULL, and after the previous patch by skipping this call\nwhich creates an inconsistency : dev_queue-\u003eqdisc will still\npoint to the old qdisc, but cl-\u003eparent-\u003eleaf.q will point to\nthe new one (which will be noop_qdisc, because new_q was NULL).\nThe code is based on an assumption that these two pointers are\nthe same, so it can lead to refcount leaks.\n\nThe correct fix is to add a NULL pointer check to protect\nqdisc_refcount_inc inside htb_parent_to_leaf_offload."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:04:37.929Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416"
        },
        {
          "url": "https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893"
        }
      ],
      "title": "sch_htb: fix refcount leak in htb_parent_to_leaf_offload",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47125",
    "datePublished": "2024-03-15T20:14:30.285Z",
    "dateReserved": "2024-03-04T18:12:48.839Z",
    "dateUpdated": "2025-05-04T07:04:37.929Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.12\", \"versionEndExcluding\": \"5.12.10\", \"matchCriteriaId\": \"C68A4290-9FFF-4037-9467-4FF878E3085F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"96AC23B2-D46A-49D9-8203-8E1BEDCA8532\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA610E30-717C-4700-9F77-A3C9244F3BFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"1ECD33F5-85BE-430B-8F86-8D7BD560311D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsch_htb: fix refcount leak in htb_parent_to_leaf_offload\\n\\nThe commit ae81feb7338c (\\\"sch_htb: fix null pointer dereference\\non a null new_q\\\") fixes a NULL pointer dereference bug, but it\\nis not correct.\\n\\nBecause htb_graft_helper properly handles the case when new_q\\nis NULL, and after the previous patch by skipping this call\\nwhich creates an inconsistency : dev_queue-\u003eqdisc will still\\npoint to the old qdisc, but cl-\u003eparent-\u003eleaf.q will point to\\nthe new one (which will be noop_qdisc, because new_q was NULL).\\nThe code is based on an assumption that these two pointers are\\nthe same, so it can lead to refcount leaks.\\n\\nThe correct fix is to add a NULL pointer check to protect\\nqdisc_refcount_inc inside htb_parent_to_leaf_offload.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sch_htb: corrige la fuga de recuento en htb_parent_to_leaf_offload el commit ae81feb7338c (\\\"sch_htb: corrige la desreferencia del puntero nulo en un new_q nulo\\\") corrige un error de desreferencia del puntero NULL, pero no es correcto. Debido a que htb_graft_helper maneja adecuadamente el caso cuando new_q es NULL, y despu\\u00e9s del parche anterior al omitir esta llamada, se crea una inconsistencia: dev_queue-\u0026gt;qdisc seguir\\u00e1 apuntando a la qdisc anterior, pero cl-\u0026gt;parent-\u0026gt;leaf.q apuntar\\u00e1 a el nuevo (que ser\\u00e1 noop_qdisc, porque new_q era NULL). El c\\u00f3digo se basa en la suposici\\u00f3n de que estos dos indicadores son iguales, por lo que puede provocar fugas de recuento. La soluci\\u00f3n correcta es agregar una verificaci\\u00f3n de puntero NULL para proteger qdisc_refcount_inc dentro de htb_parent_to_leaf_offload.\"}]",
      "id": "CVE-2021-47125",
      "lastModified": "2025-01-07T18:00:04.453",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-03-15T21:15:07.307",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-47125\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-15T21:15:07.307\",\"lastModified\":\"2025-01-07T18:00:04.453\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsch_htb: fix refcount leak in htb_parent_to_leaf_offload\\n\\nThe commit ae81feb7338c (\\\"sch_htb: fix null pointer dereference\\non a null new_q\\\") fixes a NULL pointer dereference bug, but it\\nis not correct.\\n\\nBecause htb_graft_helper properly handles the case when new_q\\nis NULL, and after the previous patch by skipping this call\\nwhich creates an inconsistency : dev_queue-\u003eqdisc will still\\npoint to the old qdisc, but cl-\u003eparent-\u003eleaf.q will point to\\nthe new one (which will be noop_qdisc, because new_q was NULL).\\nThe code is based on an assumption that these two pointers are\\nthe same, so it can lead to refcount leaks.\\n\\nThe correct fix is to add a NULL pointer check to protect\\nqdisc_refcount_inc inside htb_parent_to_leaf_offload.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sch_htb: corrige la fuga de recuento en htb_parent_to_leaf_offload el commit ae81feb7338c (\\\"sch_htb: corrige la desreferencia del puntero nulo en un new_q nulo\\\") corrige un error de desreferencia del puntero NULL, pero no es correcto. Debido a que htb_graft_helper maneja adecuadamente el caso cuando new_q es NULL, y despu\u00e9s del parche anterior al omitir esta llamada, se crea una inconsistencia: dev_queue-\u0026gt;qdisc seguir\u00e1 apuntando a la qdisc anterior, pero cl-\u0026gt;parent-\u0026gt;leaf.q apuntar\u00e1 a el nuevo (que ser\u00e1 noop_qdisc, porque new_q era NULL). El c\u00f3digo se basa en la suposici\u00f3n de que estos dos indicadores son iguales, por lo que puede provocar fugas de recuento. La soluci\u00f3n correcta es agregar una verificaci\u00f3n de puntero NULL para proteger qdisc_refcount_inc dentro de htb_parent_to_leaf_offload.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12\",\"versionEndExcluding\":\"5.12.10\",\"matchCriteriaId\":\"C68A4290-9FFF-4037-9467-4FF878E3085F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"96AC23B2-D46A-49D9-8203-8E1BEDCA8532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA610E30-717C-4700-9F77-A3C9244F3BFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ECD33F5-85BE-430B-8F86-8D7BD560311D\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:24:39.885Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-47125\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-18T15:30:07.969096Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:18.338Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"sch_htb: fix refcount leak in htb_parent_to_leaf_offload\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"ae81feb7338c89cee4e6aa0424bdab2ce2b52da2\", \"lessThan\": \"2411c02d03892a5057499f8102d0cc1e0f852416\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"ae81feb7338c89cee4e6aa0424bdab2ce2b52da2\", \"lessThan\": \"944d671d5faa0d78980a3da5c0f04960ef1ad893\", \"versionType\": \"git\"}], \"programFiles\": [\"net/sched/sch_htb.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.12\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.12\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.12.10\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/sched/sch_htb.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/2411c02d03892a5057499f8102d0cc1e0f852416\"}, {\"url\": \"https://git.kernel.org/stable/c/944d671d5faa0d78980a3da5c0f04960ef1ad893\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsch_htb: fix refcount leak in htb_parent_to_leaf_offload\\n\\nThe commit ae81feb7338c (\\\"sch_htb: fix null pointer dereference\\non a null new_q\\\") fixes a NULL pointer dereference bug, but it\\nis not correct.\\n\\nBecause htb_graft_helper properly handles the case when new_q\\nis NULL, and after the previous patch by skipping this call\\nwhich creates an inconsistency : dev_queue-\u003eqdisc will still\\npoint to the old qdisc, but cl-\u003eparent-\u003eleaf.q will point to\\nthe new one (which will be noop_qdisc, because new_q was NULL).\\nThe code is based on an assumption that these two pointers are\\nthe same, so it can lead to refcount leaks.\\n\\nThe correct fix is to add a NULL pointer check to protect\\nqdisc_refcount_inc inside htb_parent_to_leaf_offload.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.10\", \"versionStartIncluding\": \"5.12\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13\", \"versionStartIncluding\": \"5.12\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T07:04:37.929Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-47125\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T07:04:37.929Z\", \"dateReserved\": \"2024-03-04T18:12:48.839Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-03-15T20:14:30.285Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.