CVE-2023-52443
Vulnerability from cvelistv5
Published
2024-02-22 16:13
Modified
2024-12-19 08:19
Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
apparmor: avoid crash when parsed profile name is empty
When processing a packed profile in unpack_profile() described like
"profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}"
a string ":samba-dcerpcd" is unpacked as a fully-qualified name and then
passed to aa_splitn_fqname().
aa_splitn_fqname() treats ":samba-dcerpcd" as only containing a namespace.
Thus it returns NULL for tmpname, meanwhile tmpns is non-NULL. Later
aa_alloc_profile() crashes as the new profile name is NULL now.
general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
CPU: 6 PID: 1657 Comm: apparmor_parser Not tainted 6.7.0-rc2-dirty #16
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014
RIP: 0010:strlen+0x1e/0xa0
Call Trace:
<TASK>
? strlen+0x1e/0xa0
aa_policy_init+0x1bb/0x230
aa_alloc_profile+0xb1/0x480
unpack_profile+0x3bc/0x4960
aa_unpack+0x309/0x15e0
aa_replace_profiles+0x213/0x33c0
policy_update+0x261/0x370
profile_replace+0x20e/0x2a0
vfs_write+0x2af/0xe00
ksys_write+0x126/0x250
do_syscall_64+0x46/0xf0
entry_SYSCALL_64_after_hwframe+0x6e/0x76
</TASK>
---[ end trace 0000000000000000 ]---
RIP: 0010:strlen+0x1e/0xa0
It seems such behaviour of aa_splitn_fqname() is expected and checked in
other places where it is called (e.g. aa_remove_profiles). Well, there
is an explicit comment "a ns name without a following profile is allowed"
inside.
AFAICS, nothing can prevent unpacked "name" to be in form like
":samba-dcerpcd" - it is passed from userspace.
Deny the whole profile set replacement in such case and inform user with
EPROTO and an explaining message.
Found by Linux Verification Center (linuxtesting.org).
References
Impacted products
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | Linux | Linux |
Version: 04dc715e24d0820bf8740e1a1135ed61fe162bc8 Version: 04dc715e24d0820bf8740e1a1135ed61fe162bc8 Version: 04dc715e24d0820bf8740e1a1135ed61fe162bc8 Version: 04dc715e24d0820bf8740e1a1135ed61fe162bc8 Version: 04dc715e24d0820bf8740e1a1135ed61fe162bc8 Version: 04dc715e24d0820bf8740e1a1135ed61fe162bc8 Version: 04dc715e24d0820bf8740e1a1135ed61fe162bc8 Version: 04dc715e24d0820bf8740e1a1135ed61fe162bc8 |
||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-52443", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-22T18:29:41.510350Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:21:01.497Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T22:55:41.517Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9286ee97aa4803d99185768735011d0d65827c9e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/1d8e62b5569cc1466ceb8a7e4872cf10160a9dcf" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5ff00408e5029d3550ee77f62dc15f1e15c47f87" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/0a12db736edbb4933e4274932aeea594b5876fa4" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/9d4fa5fe2b1d56662afd14915a73b4d0783ffa45" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/5c0392fdafb0a2321311900be83ffa572bef8203" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/77ab09b92f16c8439a948d1af489196953dc4a0e" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/stable/c/55a8210c9e7d21ff2644809699765796d4bfb200" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "security/apparmor/policy_unpack.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "9286ee97aa4803d99185768735011d0d65827c9e", "status": "affected", "version": "04dc715e24d0820bf8740e1a1135ed61fe162bc8", "versionType": "git" }, { "lessThan": "1d8e62b5569cc1466ceb8a7e4872cf10160a9dcf", "status": "affected", "version": "04dc715e24d0820bf8740e1a1135ed61fe162bc8", "versionType": "git" }, { "lessThan": "5ff00408e5029d3550ee77f62dc15f1e15c47f87", "status": "affected", "version": "04dc715e24d0820bf8740e1a1135ed61fe162bc8", "versionType": "git" }, { "lessThan": "0a12db736edbb4933e4274932aeea594b5876fa4", "status": "affected", "version": "04dc715e24d0820bf8740e1a1135ed61fe162bc8", "versionType": "git" }, { "lessThan": "9d4fa5fe2b1d56662afd14915a73b4d0783ffa45", "status": "affected", "version": "04dc715e24d0820bf8740e1a1135ed61fe162bc8", "versionType": "git" }, { "lessThan": "5c0392fdafb0a2321311900be83ffa572bef8203", "status": "affected", "version": "04dc715e24d0820bf8740e1a1135ed61fe162bc8", "versionType": "git" }, { "lessThan": "77ab09b92f16c8439a948d1af489196953dc4a0e", "status": "affected", "version": "04dc715e24d0820bf8740e1a1135ed61fe162bc8", "versionType": "git" }, { "lessThan": "55a8210c9e7d21ff2644809699765796d4bfb200", "status": "affected", "version": "04dc715e24d0820bf8740e1a1135ed61fe162bc8", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "security/apparmor/policy_unpack.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "4.11" }, { "lessThan": "4.11", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.306", "versionType": "semver" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.268", "versionType": "semver" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.209", "versionType": "semver" }, { "lessThanOrEqual": "5.15.*", "status": "unaffected", "version": "5.15.148", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.75", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.14", "versionType": "semver" }, { "lessThanOrEqual": "6.7.*", "status": "unaffected", "version": "6.7.2", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: avoid crash when parsed profile name is empty\n\nWhen processing a packed profile in unpack_profile() described like\n\n \"profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}\"\n\na string \":samba-dcerpcd\" is unpacked as a fully-qualified name and then\npassed to aa_splitn_fqname().\n\naa_splitn_fqname() treats \":samba-dcerpcd\" as only containing a namespace.\nThus it returns NULL for tmpname, meanwhile tmpns is non-NULL. Later\naa_alloc_profile() crashes as the new profile name is NULL now.\n\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 6 PID: 1657 Comm: apparmor_parser Not tainted 6.7.0-rc2-dirty #16\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\nRIP: 0010:strlen+0x1e/0xa0\nCall Trace:\n \u003cTASK\u003e\n ? strlen+0x1e/0xa0\n aa_policy_init+0x1bb/0x230\n aa_alloc_profile+0xb1/0x480\n unpack_profile+0x3bc/0x4960\n aa_unpack+0x309/0x15e0\n aa_replace_profiles+0x213/0x33c0\n policy_update+0x261/0x370\n profile_replace+0x20e/0x2a0\n vfs_write+0x2af/0xe00\n ksys_write+0x126/0x250\n do_syscall_64+0x46/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n \u003c/TASK\u003e\n---[ end trace 0000000000000000 ]---\nRIP: 0010:strlen+0x1e/0xa0\n\nIt seems such behaviour of aa_splitn_fqname() is expected and checked in\nother places where it is called (e.g. aa_remove_profiles). Well, there\nis an explicit comment \"a ns name without a following profile is allowed\"\ninside.\n\nAFAICS, nothing can prevent unpacked \"name\" to be in form like\n\":samba-dcerpcd\" - it is passed from userspace.\n\nDeny the whole profile set replacement in such case and inform user with\nEPROTO and an explaining message.\n\nFound by Linux Verification Center (linuxtesting.org)." } ], "providerMetadata": { "dateUpdated": "2024-12-19T08:19:35.870Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/9286ee97aa4803d99185768735011d0d65827c9e" }, { "url": "https://git.kernel.org/stable/c/1d8e62b5569cc1466ceb8a7e4872cf10160a9dcf" }, { "url": "https://git.kernel.org/stable/c/5ff00408e5029d3550ee77f62dc15f1e15c47f87" }, { "url": "https://git.kernel.org/stable/c/0a12db736edbb4933e4274932aeea594b5876fa4" }, { "url": "https://git.kernel.org/stable/c/9d4fa5fe2b1d56662afd14915a73b4d0783ffa45" }, { "url": "https://git.kernel.org/stable/c/5c0392fdafb0a2321311900be83ffa572bef8203" }, { "url": "https://git.kernel.org/stable/c/77ab09b92f16c8439a948d1af489196953dc4a0e" }, { "url": "https://git.kernel.org/stable/c/55a8210c9e7d21ff2644809699765796d4bfb200" } ], "title": "apparmor: avoid crash when parsed profile name is empty", "x_generator": { "engine": "bippy-5f407fcff5a0" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2023-52443", "datePublished": "2024-02-22T16:13:31.154Z", "dateReserved": "2024-02-20T12:30:33.291Z", "dateUpdated": "2024-12-19T08:19:35.870Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-52443\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-02-22T17:15:08.377\",\"lastModified\":\"2024-11-21T08:39:46.453\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\napparmor: avoid crash when parsed profile name is empty\\n\\nWhen processing a packed profile in unpack_profile() described like\\n\\n \\\"profile :ns::samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd {...}\\\"\\n\\na string \\\":samba-dcerpcd\\\" is unpacked as a fully-qualified name and then\\npassed to aa_splitn_fqname().\\n\\naa_splitn_fqname() treats \\\":samba-dcerpcd\\\" as only containing a namespace.\\nThus it returns NULL for tmpname, meanwhile tmpns is non-NULL. Later\\naa_alloc_profile() crashes as the new profile name is NULL now.\\n\\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\\nCPU: 6 PID: 1657 Comm: apparmor_parser Not tainted 6.7.0-rc2-dirty #16\\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\\nRIP: 0010:strlen+0x1e/0xa0\\nCall Trace:\\n \u003cTASK\u003e\\n ? strlen+0x1e/0xa0\\n aa_policy_init+0x1bb/0x230\\n aa_alloc_profile+0xb1/0x480\\n unpack_profile+0x3bc/0x4960\\n aa_unpack+0x309/0x15e0\\n aa_replace_profiles+0x213/0x33c0\\n policy_update+0x261/0x370\\n profile_replace+0x20e/0x2a0\\n vfs_write+0x2af/0xe00\\n ksys_write+0x126/0x250\\n do_syscall_64+0x46/0xf0\\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\\n \u003c/TASK\u003e\\n---[ end trace 0000000000000000 ]---\\nRIP: 0010:strlen+0x1e/0xa0\\n\\nIt seems such behaviour of aa_splitn_fqname() is expected and checked in\\nother places where it is called (e.g. aa_remove_profiles). Well, there\\nis an explicit comment \\\"a ns name without a following profile is allowed\\\"\\ninside.\\n\\nAFAICS, nothing can prevent unpacked \\\"name\\\" to be in form like\\n\\\":samba-dcerpcd\\\" - it is passed from userspace.\\n\\nDeny the whole profile set replacement in such case and inform user with\\nEPROTO and an explaining message.\\n\\nFound by Linux Verification Center (linuxtesting.org).\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: apparmor: evita fallas cuando el nombre del perfil analizado est\u00e1 vac\u00edo Al procesar un perfil empaquetado en unpack_profile() descrito como \\\"perfil :ns::samba-dcerpcd /usr/lib*/samba/ {,samba/}samba-dcerpcd {...}\\\" una cadena \\\":samba-dcerpcd\\\" se descomprime como un nombre completo y luego se pasa a aa_splitn_fqname(). aa_splitn_fqname() trata \\\":samba-dcerpcd\\\" como si solo contuviera un espacio de nombres. Por lo tanto, devuelve NULL para tmpname, mientras que tmpns no es NULL. M\u00e1s tarde, aa_alloc_profile() falla porque el nuevo nombre del perfil ahora es NULL. falla de protecci\u00f3n general, probablemente para direcci\u00f3n no can\u00f3nica 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref en rango [0x00000000000000000-0x0000000000000007] CPU: 6 PID: 1657 Comm: apparmor_parser No contaminado 6.7.0- rc2-dirty #16 Nombre del hardware: PC est\u00e1ndar QEMU (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 01/04/2014 RIP: 0010:strlen+0x1e/0xa0 Llamada Seguimiento: ? strlen+0x1e/0xa0 aa_policy_init+0x1bb/0x230 aa_alloc_profile+0xb1/0x480 unpack_profile+0x3bc/0x4960 aa_unpack+0x309/0x15e0 aa_replace_profiles+0x213/0x33c0 Policy_update+0x261/0x370 perfil_replace+ 0x20e/0x2a0 vfs_write+0x2af/0xe00 ksys_write+0x126/0x250 do_syscall_64+0x46/0xf0 Entry_SYSCALL_64_after_hwframe+0x6e/0x76 ---[ end trace 0000000000000000 ]--- RIP: 0010:strlen+0x1e/0xa0 Parece que tal comportamiento de aa_splitn_fqname() se espera y se verifica en otros lugares donde se llama (por ejemplo, aa_remove_profiles). Bueno, hay un comentario expl\u00edcito \\\"se permite un nombre ns sin un perfil de seguimiento\\\" dentro. AFAICS, nada puede evitar que el \\\"nombre\\\" descomprimido tenga un formato como \\\":samba-dcerpcd\\\": se pasa desde el espacio de usuario. En tal caso, rechace el reemplazo completo del conjunto de perfiles e informe al usuario con EPROTO y un mensaje explicativo. Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.19.306\",\"matchCriteriaId\":\"0A7AEFD0-0681-4E8D-9074-27416D3EE94C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.268\",\"matchCriteriaId\":\"991BF737-6083-429B-ACD5-FB27D4143E2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5.0\",\"versionEndExcluding\":\"5.10.209\",\"matchCriteriaId\":\"5D2E4F24-2FBB-4434-8598-2B1499E566B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11.0\",\"versionEndExcluding\":\"5.15.148\",\"matchCriteriaId\":\"E25E1389-4B0F-407A-9C94-5908FF3EE88B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16.0\",\"versionEndExcluding\":\"6.1.75\",\"matchCriteriaId\":\"2C4951FA-80C0-4B4C-9836-6E5035DEB0F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2.0\",\"versionEndExcluding\":\"6.6.14\",\"matchCriteriaId\":\"BDBBEB0E-D13A-4567-8984-51C5375350B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7.0\",\"versionEndExcluding\":\"6.7.2\",\"matchCriteriaId\":\"0EA3778C-730B-464C-8023-18CA6AC0B807\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0a12db736edbb4933e4274932aeea594b5876fa4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1d8e62b5569cc1466ceb8a7e4872cf10160a9dcf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/55a8210c9e7d21ff2644809699765796d4bfb200\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5c0392fdafb0a2321311900be83ffa572bef8203\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5ff00408e5029d3550ee77f62dc15f1e15c47f87\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/77ab09b92f16c8439a948d1af489196953dc4a0e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9286ee97aa4803d99185768735011d0d65827c9e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9d4fa5fe2b1d56662afd14915a73b4d0783ffa45\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/0a12db736edbb4933e4274932aeea594b5876fa4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1d8e62b5569cc1466ceb8a7e4872cf10160a9dcf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/55a8210c9e7d21ff2644809699765796d4bfb200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5c0392fdafb0a2321311900be83ffa572bef8203\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5ff00408e5029d3550ee77f62dc15f1e15c47f87\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/77ab09b92f16c8439a948d1af489196953dc4a0e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9286ee97aa4803d99185768735011d0d65827c9e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9d4fa5fe2b1d56662afd14915a73b4d0783ffa45\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.