CVE-2024-26844 (GCVE-0-2024-26844)

Vulnerability from cvelistv5 – Published: 2024-04-17 10:10 – Updated: 2025-05-04 08:57
VLAI?
Summary
In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in _copy_from_iter Syzkaller reports a warning in _copy_from_iter because an iov_iter is supposedly used in the wrong direction. The reason is that syzcaller managed to generate a request with a transfer direction of SG_DXFER_TO_FROM_DEV. This instructs the kernel to copy user buffers into the kernel, read into the copied buffers and then copy the data back to user space. Thus the iovec is used in both directions. Detect this situation in the block layer and construct a new iterator with the correct direction for the copy-in.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 8fc80874103a5c20aebdc2401361aa01c817f75b (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 0f1bae071de9967602807472921829a54b2e5956 (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < cbaf9be337f7da25742acfce325119e3395b1f1b (git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 13f3956eb5681a4045a8dfdef48df5dc4d9f58a6 (git)
Create a notification for this product.
    Linux Linux Unaffected: 6.1.80 , ≤ 6.1.* (semver)
Unaffected: 6.6.19 , ≤ 6.6.* (semver)
Unaffected: 6.7.7 , ≤ 6.7.* (semver)
Unaffected: 6.8 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26844",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-10T14:27:10.114301Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:48:24.553Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:14:13.656Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8fc80874103a5c20aebdc2401361aa01c817f75b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0f1bae071de9967602807472921829a54b2e5956"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cbaf9be337f7da25742acfce325119e3395b1f1b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/blk-map.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8fc80874103a5c20aebdc2401361aa01c817f75b",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "0f1bae071de9967602807472921829a54b2e5956",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "cbaf9be337f7da25742acfce325119e3395b1f1b",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "13f3956eb5681a4045a8dfdef48df5dc4d9f58a6",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "block/blk-map.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.80",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.80",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix WARNING in _copy_from_iter\n\nSyzkaller reports a warning in _copy_from_iter because an\niov_iter is supposedly used in the wrong direction. The reason\nis that syzcaller managed to generate a request with\na transfer direction of SG_DXFER_TO_FROM_DEV. This instructs\nthe kernel to copy user buffers into the kernel, read into\nthe copied buffers and then copy the data back to user space.\n\nThus the iovec is used in both directions.\n\nDetect this situation in the block layer and construct a new\niterator with the correct direction for the copy-in."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:57:48.719Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8fc80874103a5c20aebdc2401361aa01c817f75b"
        },
        {
          "url": "https://git.kernel.org/stable/c/0f1bae071de9967602807472921829a54b2e5956"
        },
        {
          "url": "https://git.kernel.org/stable/c/cbaf9be337f7da25742acfce325119e3395b1f1b"
        },
        {
          "url": "https://git.kernel.org/stable/c/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6"
        }
      ],
      "title": "block: Fix WARNING in _copy_from_iter",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26844",
    "datePublished": "2024-04-17T10:10:08.711Z",
    "dateReserved": "2024-02-19T14:20:24.182Z",
    "dateUpdated": "2025-05-04T08:57:48.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nblock: Fix WARNING in _copy_from_iter\\n\\nSyzkaller reports a warning in _copy_from_iter because an\\niov_iter is supposedly used in the wrong direction. The reason\\nis that syzcaller managed to generate a request with\\na transfer direction of SG_DXFER_TO_FROM_DEV. This instructs\\nthe kernel to copy user buffers into the kernel, read into\\nthe copied buffers and then copy the data back to user space.\\n\\nThus the iovec is used in both directions.\\n\\nDetect this situation in the block layer and construct a new\\niterator with the correct direction for the copy-in.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: Reparar ADVERTENCIA en _copy_from_iter Syzkaller informa una advertencia en _copy_from_iter porque supuestamente se usa un iov_iter en la direcci\\u00f3n incorrecta. La raz\\u00f3n es que syzcaller logr\\u00f3 generar una solicitud con una direcci\\u00f3n de transferencia de SG_DXFER_TO_FROM_DEV. Esto le indica al kernel que copie los buffers del usuario en el kernel, los lea en los buffers copiados y luego copie los datos nuevamente al espacio del usuario. Por tanto, el iovec se utiliza en ambas direcciones. Detecte esta situaci\\u00f3n en la capa de bloque y construya un nuevo iterador con la direcci\\u00f3n correcta para la copia.\"}]",
      "id": "CVE-2024-26844",
      "lastModified": "2024-11-21T09:03:11.670",
      "published": "2024-04-17T10:15:10.093",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/0f1bae071de9967602807472921829a54b2e5956\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/8fc80874103a5c20aebdc2401361aa01c817f75b\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/cbaf9be337f7da25742acfce325119e3395b1f1b\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/0f1bae071de9967602807472921829a54b2e5956\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/8fc80874103a5c20aebdc2401361aa01c817f75b\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/cbaf9be337f7da25742acfce325119e3395b1f1b\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26844\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-17T10:15:10.093\",\"lastModified\":\"2025-04-02T13:17:54.900\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nblock: Fix WARNING in _copy_from_iter\\n\\nSyzkaller reports a warning in _copy_from_iter because an\\niov_iter is supposedly used in the wrong direction. The reason\\nis that syzcaller managed to generate a request with\\na transfer direction of SG_DXFER_TO_FROM_DEV. This instructs\\nthe kernel to copy user buffers into the kernel, read into\\nthe copied buffers and then copy the data back to user space.\\n\\nThus the iovec is used in both directions.\\n\\nDetect this situation in the block layer and construct a new\\niterator with the correct direction for the copy-in.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: Reparar ADVERTENCIA en _copy_from_iter Syzkaller informa una advertencia en _copy_from_iter porque supuestamente se usa un iov_iter en la direcci\u00f3n incorrecta. La raz\u00f3n es que syzcaller logr\u00f3 generar una solicitud con una direcci\u00f3n de transferencia de SG_DXFER_TO_FROM_DEV. Esto le indica al kernel que copie los buffers del usuario en el kernel, los lea en los buffers copiados y luego copie los datos nuevamente al espacio del usuario. Por tanto, el iovec se utiliza en ambas direcciones. Detecte esta situaci\u00f3n en la capa de bloque y construya un nuevo iterador con la direcci\u00f3n correcta para la copia.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.1.80\",\"matchCriteriaId\":\"68B819D6-60AD-446F-A1CF-814A2ADCB42C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.19\",\"matchCriteriaId\":\"8D82004C-B2AE-4048-9344-32EFF65953B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.7.7\",\"matchCriteriaId\":\"575EE16B-67F2-4B5B-B5F8-1877715C898B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F4EA73-0894-400F-A490-3A397AB7A517\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0f1bae071de9967602807472921829a54b2e5956\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8fc80874103a5c20aebdc2401361aa01c817f75b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cbaf9be337f7da25742acfce325119e3395b1f1b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/0f1bae071de9967602807472921829a54b2e5956\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8fc80874103a5c20aebdc2401361aa01c817f75b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cbaf9be337f7da25742acfce325119e3395b1f1b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/8fc80874103a5c20aebdc2401361aa01c817f75b\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/0f1bae071de9967602807472921829a54b2e5956\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/cbaf9be337f7da25742acfce325119e3395b1f1b\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:14:13.656Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-26844\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-10T14:27:10.114301Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:24.294Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"block: Fix WARNING in _copy_from_iter\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\", \"lessThan\": \"8fc80874103a5c20aebdc2401361aa01c817f75b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\", \"lessThan\": \"0f1bae071de9967602807472921829a54b2e5956\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\", \"lessThan\": \"cbaf9be337f7da25742acfce325119e3395b1f1b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\", \"lessThan\": \"13f3956eb5681a4045a8dfdef48df5dc4d9f58a6\", \"versionType\": \"git\"}], \"programFiles\": [\"block/blk-map.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"6.1.80\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.19\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7.7\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"block/blk-map.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/8fc80874103a5c20aebdc2401361aa01c817f75b\"}, {\"url\": \"https://git.kernel.org/stable/c/0f1bae071de9967602807472921829a54b2e5956\"}, {\"url\": \"https://git.kernel.org/stable/c/cbaf9be337f7da25742acfce325119e3395b1f1b\"}, {\"url\": \"https://git.kernel.org/stable/c/13f3956eb5681a4045a8dfdef48df5dc4d9f58a6\"}], \"x_generator\": {\"engine\": \"bippy-5f407fcff5a0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nblock: Fix WARNING in _copy_from_iter\\n\\nSyzkaller reports a warning in _copy_from_iter because an\\niov_iter is supposedly used in the wrong direction. The reason\\nis that syzcaller managed to generate a request with\\na transfer direction of SG_DXFER_TO_FROM_DEV. This instructs\\nthe kernel to copy user buffers into the kernel, read into\\nthe copied buffers and then copy the data back to user space.\\n\\nThus the iovec is used in both directions.\\n\\nDetect this situation in the block layer and construct a new\\niterator with the correct direction for the copy-in.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-12-19T08:48:32.819Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-26844\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-19T08:48:32.819Z\", \"dateReserved\": \"2024-02-19T14:20:24.182Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-04-17T10:10:08.711Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.