CVE-2023-52569 (GCVE-0-2023-52569)

Vulnerability from cvelistv5 – Published: 2024-03-02 21:59 – Updated: 2026-05-23 15:26
VLAI
Title
btrfs: remove BUG() after failure to insert delayed dir index item
Summary
In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG() after failure to insert delayed dir index item Instead of calling BUG() when we fail to insert a delayed dir index item into the delayed node's tree, we can just release all the resources we have allocated/acquired before and return the error to the caller. This is fine because all existing call chains undo anything they have done before calling btrfs_insert_delayed_dir_index() or BUG_ON (when creating pending snapshots in the transaction commit path). So remove the BUG() call and do proper error handling. This relates to a syzbot report linked below, but does not fix it because it only prevents hitting a BUG(), it does not fix the issue where somehow we attempt to use twice the same index number for different index items.
Severity
No CVSS data available.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 9b378f6ad48cfa195ed868db9123c09ee7ec5ea2 , < d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51 (git)
Affected: 9b378f6ad48cfa195ed868db9123c09ee7ec5ea2 , < 2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9 (git)
Affected: 79cf35e16dd5b8639909d4df957503b84de30406 (git)
Affected: 5441532ffc9c8c9f7cab0f8722e6d60a0b5e1259 (git)
Affected: 5.15.149 , < 5.16 (semver)
Affected: 6.4.12 , < 6.5 (semver)
Create a notification for this product.
Linux Linux Affected: 6.5
Unaffected: 0 , < 6.5 (semver)
Unaffected: 6.5.6 , ≤ 6.5.* (semver)
Unaffected: 6.6 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52569",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-05T15:57:36.904349Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:06.916Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:20.855Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/39c4a9522db0072570d602e9b365119e17fb9f4f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/delayed-inode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51",
              "status": "affected",
              "version": "9b378f6ad48cfa195ed868db9123c09ee7ec5ea2",
              "versionType": "git"
            },
            {
              "lessThan": "2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9",
              "status": "affected",
              "version": "9b378f6ad48cfa195ed868db9123c09ee7ec5ea2",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "79cf35e16dd5b8639909d4df957503b84de30406",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "5441532ffc9c8c9f7cab0f8722e6d60a0b5e1259",
              "versionType": "git"
            },
            {
              "lessThan": "5.16",
              "status": "affected",
              "version": "5.15.149",
              "versionType": "semver"
            },
            {
              "lessThan": "6.5",
              "status": "affected",
              "version": "6.4.12",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/delayed-inode.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.6",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.15.149",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.4.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: remove BUG() after failure to insert delayed dir index item\n\nInstead of calling BUG() when we fail to insert a delayed dir index item\ninto the delayed node\u0027s tree, we can just release all the resources we\nhave allocated/acquired before and return the error to the caller. This is\nfine because all existing call chains undo anything they have done before\ncalling btrfs_insert_delayed_dir_index() or BUG_ON (when creating pending\nsnapshots in the transaction commit path).\n\nSo remove the BUG() call and do proper error handling.\n\nThis relates to a syzbot report linked below, but does not fix it because\nit only prevents hitting a BUG(), it does not fix the issue where somehow\nwe attempt to use twice the same index number for different index items."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T15:26:15.079Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9"
        }
      ],
      "title": "btrfs: remove BUG() after failure to insert delayed dir index item",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52569",
    "datePublished": "2024-03-02T21:59:40.081Z",
    "dateReserved": "2024-03-02T21:55:42.567Z",
    "dateUpdated": "2026-05-23T15:26:15.079Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-52569",
      "date": "2026-06-14",
      "epss": "0.00015",
      "percentile": "0.03436"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbtrfs: remove BUG() after failure to insert delayed dir index item\\n\\nInstead of calling BUG() when we fail to insert a delayed dir index item\\ninto the delayed node\u0027s tree, we can just release all the resources we\\nhave allocated/acquired before and return the error to the caller. This is\\nfine because all existing call chains undo anything they have done before\\ncalling btrfs_insert_delayed_dir_index() or BUG_ON (when creating pending\\nsnapshots in the transaction commit path).\\n\\nSo remove the BUG() call and do proper error handling.\\n\\nThis relates to a syzbot report linked below, but does not fix it because\\nit only prevents hitting a BUG(), it does not fix the issue where somehow\\nwe attempt to use twice the same index number for different index items.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: elimina BUG() despu\\u00e9s de no poder insertar un elemento de \\u00edndice de directorio retrasado. En lugar de llamar a BUG() cuando no logramos insertar un elemento de \\u00edndice de directorio retrasado en el \\u00e1rbol del nodo retrasado, podemos simplemente libere todos los recursos que hemos asignado/adquirido antes y devuelva el error a la persona que llama. Esto est\\u00e1 bien porque todas las cadenas de llamadas existentes deshacen todo lo que hayan hecho antes de llamar a btrfs_insert_delayed_dir_index() o BUG_ON (al crear instant\\u00e1neas pendientes en la ruta de confirmaci\\u00f3n de la transacci\\u00f3n). As\\u00ed que elimine la llamada BUG() y realice un manejo adecuado de los errores. Esto se relaciona con un informe de syzbot vinculado a continuaci\\u00f3n, pero no lo soluciona porque solo evita que se produzca un ERROR (), no soluciona el problema por el cual de alguna manera intentamos usar el doble del mismo n\\u00famero de \\u00edndice para diferentes elementos de \\u00edndice.\"}]",
      "id": "CVE-2023-52569",
      "lastModified": "2024-11-21T08:40:05.503",
      "published": "2024-03-02T22:15:49.163",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/39c4a9522db0072570d602e9b365119e17fb9f4f\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/39c4a9522db0072570d602e9b365119e17fb9f4f\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Undergoing Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52569\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-03-02T22:15:49.163\",\"lastModified\":\"2025-06-19T13:15:25.037\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbtrfs: remove BUG() after failure to insert delayed dir index item\\n\\nInstead of calling BUG() when we fail to insert a delayed dir index item\\ninto the delayed node\u0027s tree, we can just release all the resources we\\nhave allocated/acquired before and return the error to the caller. This is\\nfine because all existing call chains undo anything they have done before\\ncalling btrfs_insert_delayed_dir_index() or BUG_ON (when creating pending\\nsnapshots in the transaction commit path).\\n\\nSo remove the BUG() call and do proper error handling.\\n\\nThis relates to a syzbot report linked below, but does not fix it because\\nit only prevents hitting a BUG(), it does not fix the issue where somehow\\nwe attempt to use twice the same index number for different index items.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: btrfs: elimina BUG() despu\u00e9s de no poder insertar un elemento de \u00edndice de directorio retrasado. En lugar de llamar a BUG() cuando no logramos insertar un elemento de \u00edndice de directorio retrasado en el \u00e1rbol del nodo retrasado, podemos simplemente libere todos los recursos que hemos asignado/adquirido antes y devuelva el error a la persona que llama. Esto est\u00e1 bien porque todas las cadenas de llamadas existentes deshacen todo lo que hayan hecho antes de llamar a btrfs_insert_delayed_dir_index() o BUG_ON (al crear instant\u00e1neas pendientes en la ruta de confirmaci\u00f3n de la transacci\u00f3n). As\u00ed que elimine la llamada BUG() y realice un manejo adecuado de los errores. Esto se relaciona con un informe de syzbot vinculado a continuaci\u00f3n, pero no lo soluciona porque solo evita que se produzca un ERROR (), no soluciona el problema por el cual de alguna manera intentamos usar el doble del mismo n\u00famero de \u00edndice para diferentes elementos de \u00edndice.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-617\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.1.56\",\"matchCriteriaId\":\"9889AA5E-5419-4E5A-8A95-FB5F9494E850\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.5.6\",\"matchCriteriaId\":\"870FC772-173A-4A0F-B1AF-7976AD6057D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"84267A4F-DBC2-444F-B41D-69E15E1BEC97\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/39c4a9522db0072570d602e9b365119e17fb9f4f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/39c4a9522db0072570d602e9b365119e17fb9f4f\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T23:03:20.855Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52569\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-05T15:57:36.904349Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:15.174Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"btrfs: remove BUG() after failure to insert delayed dir index item\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"9b378f6ad48cfa195ed868db9123c09ee7ec5ea2\", \"lessThan\": \"d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"9b378f6ad48cfa195ed868db9123c09ee7ec5ea2\", \"lessThan\": \"2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"79cf35e16dd5b8639909d4df957503b84de30406\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5441532ffc9c8c9f7cab0f8722e6d60a0b5e1259\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/btrfs/delayed-inode.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.5\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.5.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.5.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/btrfs/delayed-inode.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/d10fd53393cc5de4b9cf1a4b8f9984f0a037aa51\"}, {\"url\": \"https://git.kernel.org/stable/c/2c58c3931ede7cd08cbecf1f1a4acaf0a04a41a9\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbtrfs: remove BUG() after failure to insert delayed dir index item\\n\\nInstead of calling BUG() when we fail to insert a delayed dir index item\\ninto the delayed node\u0027s tree, we can just release all the resources we\\nhave allocated/acquired before and return the error to the caller. This is\\nfine because all existing call chains undo anything they have done before\\ncalling btrfs_insert_delayed_dir_index() or BUG_ON (when creating pending\\nsnapshots in the transaction commit path).\\n\\nSo remove the BUG() call and do proper error handling.\\n\\nThis relates to a syzbot report linked below, but does not fix it because\\nit only prevents hitting a BUG(), it does not fix the issue where somehow\\nwe attempt to use twice the same index number for different index items.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.5.6\", \"versionStartIncluding\": \"6.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6\", \"versionStartIncluding\": \"6.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.15.149\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"6.4.12\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-06-19T12:39:11.862Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-52569\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-19T12:39:11.862Z\", \"dateReserved\": \"2024-03-02T21:55:42.567Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-03-02T21:59:40.081Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.