CVE-2026-46303 (GCVE-0-2026-46303)
Vulnerability from cvelistv5 – Published: 2026-06-08 15:46 – Updated: 2026-06-14 18:07
VLAI
EPSS
VEX
Title
isofs: validate Rock Ridge CE continuation extent against volume size
Summary
In the Linux kernel, the following vulnerability has been resolved:
isofs: validate Rock Ridge CE continuation extent against volume size
rock_continue() reads rs->cont_extent verbatim from the Rock Ridge CE
record and passes it to sb_bread() without checking that the block
number is within the mounted ISO 9660 volume. commit e595447e177b
("[PATCH] rock.c: handle corrupted directories") added cont_offset
and cont_size rejection for the CE continuation but did not validate
the extent block number itself. commit f54e18f1b831 ("isofs: Fix
infinite looping over CE entries") later capped the CE chain length
at RR_MAX_CE_ENTRIES = 32 but again left the block number unchecked.
With a crafted ISO mounted via udisks2 (desktop optical auto-mount)
or via CAP_SYS_ADMIN mount, rs->cont_extent can therefore point at
an out-of-range block or at blocks belonging to an adjacent
filesystem on the same block device. sb_bread() on an out-of-range
block returns NULL cleanly via the block layer EIO path, so there
is no memory-safety violation. For in-range reads of adjacent-
filesystem data, the CE buffer is parsed as Rock Ridge records and
only the text of SL sub-records reaches userspace through
readlink(), which makes the info-leak channel narrow and difficult
to exploit; still, rejecting the malformed CE outright matches the
rejection shape already present in the same function for
cont_offset and cont_size.
Add an ISOFS_SB(sb)->s_nzones bounds check to rock_continue() next
to the existing offset/size rejection, printing the same
corrupted-directory-entry notice.
Severity
8.2 (High)
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
f54e18f1b831c92f6512d2eedb224cd63d607d3d , < 8356fb821016797f5677cbeee5ddc0d32a95b4be
(git)
Affected: f54e18f1b831c92f6512d2eedb224cd63d607d3d , < d582e12378bc1637f337622feef762f53c43fd57 (git) Affected: f54e18f1b831c92f6512d2eedb224cd63d607d3d , < bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9 (git) Affected: f54e18f1b831c92f6512d2eedb224cd63d607d3d , < c9b37c8b73f6368e4750e5ccb0632c380b43c6e5 (git) Affected: f54e18f1b831c92f6512d2eedb224cd63d607d3d , < 22b36fa081f38ab397c7697f9d539211b51a0cfc (git) Affected: f54e18f1b831c92f6512d2eedb224cd63d607d3d , < e69da8eeab74b4f4505024c38a17bce060fe7df8 (git) Affected: f54e18f1b831c92f6512d2eedb224cd63d607d3d , < ef048470c90bc8c1b8318bb2ce329da9ef64b9fe (git) Affected: f54e18f1b831c92f6512d2eedb224cd63d607d3d , < a36d990f591320e9dd379ab30063ebfe91d47e1f (git) Affected: 08313e26e06d4aa9ce1cbba1a8e359e9cab9ad56 (git) Affected: 212c4d33ca83e2144064fe9c2911607fbed5386f (git) Affected: 96e44adce250199ec9b2b928be66365779ff1b59 (git) Affected: 1fe5620fcd6c2f0a4a927ee10c8e53196da392f3 (git) Affected: fbce0d7dc8965c9fb8d411862040239d4a768c71 (git) Affected: 8190393a88f2b0321263a54f2a9eb5a2aa43be7e (git) Affected: 486aa789eadcf44ed87f972b209299c516454693 (git) Affected: b6d20edb6e7cedb4eedb9e0193d20dd488ebae84 (git) Affected: 2.6.32.66 , < 2.6.33 (semver) Affected: 3.2.67 , < 3.3 (semver) Affected: 3.4.107 , < 3.5 (semver) Affected: 3.10.64 , < 3.11 (semver) Affected: 3.12.36 , < 3.13 (semver) Affected: 3.14.28 , < 3.15 (semver) Affected: 3.17.8 , < 3.18 (semver) Affected: 3.18.2 , < 3.19 (semver) |
|
| Linux | Linux |
Affected:
3.19
Unaffected: 0 , < 3.19 (semver) Unaffected: 5.10.258 , ≤ 5.10.* (semver) Unaffected: 5.15.209 , ≤ 5.15.* (semver) Unaffected: 6.1.175 , ≤ 6.1.* (semver) Unaffected: 6.6.140 , ≤ 6.6.* (semver) Unaffected: 6.12.88 , ≤ 6.12.* (semver) Unaffected: 6.18.30 , ≤ 6.18.* (semver) Unaffected: 7.0.7 , ≤ 7.0.* (semver) Unaffected: 7.1 , ≤ * (original_commit_for_fix) |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/isofs/rock.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8356fb821016797f5677cbeee5ddc0d32a95b4be",
"status": "affected",
"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"versionType": "git"
},
{
"lessThan": "d582e12378bc1637f337622feef762f53c43fd57",
"status": "affected",
"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"versionType": "git"
},
{
"lessThan": "bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9",
"status": "affected",
"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"versionType": "git"
},
{
"lessThan": "c9b37c8b73f6368e4750e5ccb0632c380b43c6e5",
"status": "affected",
"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"versionType": "git"
},
{
"lessThan": "22b36fa081f38ab397c7697f9d539211b51a0cfc",
"status": "affected",
"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"versionType": "git"
},
{
"lessThan": "e69da8eeab74b4f4505024c38a17bce060fe7df8",
"status": "affected",
"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"versionType": "git"
},
{
"lessThan": "ef048470c90bc8c1b8318bb2ce329da9ef64b9fe",
"status": "affected",
"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"versionType": "git"
},
{
"lessThan": "a36d990f591320e9dd379ab30063ebfe91d47e1f",
"status": "affected",
"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"versionType": "git"
},
{
"status": "affected",
"version": "08313e26e06d4aa9ce1cbba1a8e359e9cab9ad56",
"versionType": "git"
},
{
"status": "affected",
"version": "212c4d33ca83e2144064fe9c2911607fbed5386f",
"versionType": "git"
},
{
"status": "affected",
"version": "96e44adce250199ec9b2b928be66365779ff1b59",
"versionType": "git"
},
{
"status": "affected",
"version": "1fe5620fcd6c2f0a4a927ee10c8e53196da392f3",
"versionType": "git"
},
{
"status": "affected",
"version": "fbce0d7dc8965c9fb8d411862040239d4a768c71",
"versionType": "git"
},
{
"status": "affected",
"version": "8190393a88f2b0321263a54f2a9eb5a2aa43be7e",
"versionType": "git"
},
{
"status": "affected",
"version": "486aa789eadcf44ed87f972b209299c516454693",
"versionType": "git"
},
{
"status": "affected",
"version": "b6d20edb6e7cedb4eedb9e0193d20dd488ebae84",
"versionType": "git"
},
{
"lessThan": "2.6.33",
"status": "affected",
"version": "2.6.32.66",
"versionType": "semver"
},
{
"lessThan": "3.3",
"status": "affected",
"version": "3.2.67",
"versionType": "semver"
},
{
"lessThan": "3.5",
"status": "affected",
"version": "3.4.107",
"versionType": "semver"
},
{
"lessThan": "3.11",
"status": "affected",
"version": "3.10.64",
"versionType": "semver"
},
{
"lessThan": "3.13",
"status": "affected",
"version": "3.12.36",
"versionType": "semver"
},
{
"lessThan": "3.15",
"status": "affected",
"version": "3.14.28",
"versionType": "semver"
},
{
"lessThan": "3.18",
"status": "affected",
"version": "3.17.8",
"versionType": "semver"
},
{
"lessThan": "3.19",
"status": "affected",
"version": "3.18.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/isofs/rock.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.19"
},
{
"lessThan": "3.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.258",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.209",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.175",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.140",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.88",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.30",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.*",
"status": "unaffected",
"version": "7.0.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.1",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.258",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.209",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.175",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.140",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.88",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.30",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.7",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.32.66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2.67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.10.64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.12.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.14.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.17.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: validate Rock Ridge CE continuation extent against volume size\n\nrock_continue() reads rs-\u003econt_extent verbatim from the Rock Ridge CE\nrecord and passes it to sb_bread() without checking that the block\nnumber is within the mounted ISO 9660 volume. commit e595447e177b\n(\"[PATCH] rock.c: handle corrupted directories\") added cont_offset\nand cont_size rejection for the CE continuation but did not validate\nthe extent block number itself. commit f54e18f1b831 (\"isofs: Fix\ninfinite looping over CE entries\") later capped the CE chain length\nat RR_MAX_CE_ENTRIES = 32 but again left the block number unchecked.\n\nWith a crafted ISO mounted via udisks2 (desktop optical auto-mount)\nor via CAP_SYS_ADMIN mount, rs-\u003econt_extent can therefore point at\nan out-of-range block or at blocks belonging to an adjacent\nfilesystem on the same block device. sb_bread() on an out-of-range\nblock returns NULL cleanly via the block layer EIO path, so there\nis no memory-safety violation. For in-range reads of adjacent-\nfilesystem data, the CE buffer is parsed as Rock Ridge records and\nonly the text of SL sub-records reaches userspace through\nreadlink(), which makes the info-leak channel narrow and difficult\nto exploit; still, rejecting the malformed CE outright matches the\nrejection shape already present in the same function for\ncont_offset and cont_size.\n\nAdd an ISOFS_SB(sb)-\u003es_nzones bounds check to rock_continue() next\nto the existing offset/size rejection, printing the same\ncorrupted-directory-entry notice."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-14T18:07:47.782Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8356fb821016797f5677cbeee5ddc0d32a95b4be"
},
{
"url": "https://git.kernel.org/stable/c/d582e12378bc1637f337622feef762f53c43fd57"
},
{
"url": "https://git.kernel.org/stable/c/bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9"
},
{
"url": "https://git.kernel.org/stable/c/c9b37c8b73f6368e4750e5ccb0632c380b43c6e5"
},
{
"url": "https://git.kernel.org/stable/c/22b36fa081f38ab397c7697f9d539211b51a0cfc"
},
{
"url": "https://git.kernel.org/stable/c/e69da8eeab74b4f4505024c38a17bce060fe7df8"
},
{
"url": "https://git.kernel.org/stable/c/ef048470c90bc8c1b8318bb2ce329da9ef64b9fe"
},
{
"url": "https://git.kernel.org/stable/c/a36d990f591320e9dd379ab30063ebfe91d47e1f"
}
],
"title": "isofs: validate Rock Ridge CE continuation extent against volume size",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-46303",
"datePublished": "2026-06-08T15:46:30.642Z",
"dateReserved": "2026-05-13T15:03:33.111Z",
"dateUpdated": "2026-06-14T18:07:47.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-46303",
"date": "2026-07-09",
"epss": "0.00278",
"percentile": "0.19704"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-46303\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-06-08T17:16:48.853\",\"lastModified\":\"2026-07-08T14:48:22.477\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nisofs: validate Rock Ridge CE continuation extent against volume size\\n\\nrock_continue() reads rs-\u003econt_extent verbatim from the Rock Ridge CE\\nrecord and passes it to sb_bread() without checking that the block\\nnumber is within the mounted ISO 9660 volume. commit e595447e177b\\n(\\\"[PATCH] rock.c: handle corrupted directories\\\") added cont_offset\\nand cont_size rejection for the CE continuation but did not validate\\nthe extent block number itself. commit f54e18f1b831 (\\\"isofs: Fix\\ninfinite looping over CE entries\\\") later capped the CE chain length\\nat RR_MAX_CE_ENTRIES = 32 but again left the block number unchecked.\\n\\nWith a crafted ISO mounted via udisks2 (desktop optical auto-mount)\\nor via CAP_SYS_ADMIN mount, rs-\u003econt_extent can therefore point at\\nan out-of-range block or at blocks belonging to an adjacent\\nfilesystem on the same block device. sb_bread() on an out-of-range\\nblock returns NULL cleanly via the block layer EIO path, so there\\nis no memory-safety violation. For in-range reads of adjacent-\\nfilesystem data, the CE buffer is parsed as Rock Ridge records and\\nonly the text of SL sub-records reaches userspace through\\nreadlink(), which makes the info-leak channel narrow and difficult\\nto exploit; still, rejecting the malformed CE outright matches the\\nrejection shape already present in the same function for\\ncont_offset and cont_size.\\n\\nAdd an ISOFS_SB(sb)-\u003es_nzones bounds check to rock_continue() next\\nto the existing offset/size rejection, printing the same\\ncorrupted-directory-entry notice.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"fs/isofs/rock.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"f54e18f1b831c92f6512d2eedb224cd63d607d3d\",\"lessThan\":\"8356fb821016797f5677cbeee5ddc0d32a95b4be\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"f54e18f1b831c92f6512d2eedb224cd63d607d3d\",\"lessThan\":\"d582e12378bc1637f337622feef762f53c43fd57\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"f54e18f1b831c92f6512d2eedb224cd63d607d3d\",\"lessThan\":\"bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"f54e18f1b831c92f6512d2eedb224cd63d607d3d\",\"lessThan\":\"c9b37c8b73f6368e4750e5ccb0632c380b43c6e5\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"f54e18f1b831c92f6512d2eedb224cd63d607d3d\",\"lessThan\":\"22b36fa081f38ab397c7697f9d539211b51a0cfc\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"f54e18f1b831c92f6512d2eedb224cd63d607d3d\",\"lessThan\":\"e69da8eeab74b4f4505024c38a17bce060fe7df8\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"f54e18f1b831c92f6512d2eedb224cd63d607d3d\",\"lessThan\":\"ef048470c90bc8c1b8318bb2ce329da9ef64b9fe\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"f54e18f1b831c92f6512d2eedb224cd63d607d3d\",\"lessThan\":\"a36d990f591320e9dd379ab30063ebfe91d47e1f\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"08313e26e06d4aa9ce1cbba1a8e359e9cab9ad56\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"212c4d33ca83e2144064fe9c2911607fbed5386f\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"96e44adce250199ec9b2b928be66365779ff1b59\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1fe5620fcd6c2f0a4a927ee10c8e53196da392f3\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"fbce0d7dc8965c9fb8d411862040239d4a768c71\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"8190393a88f2b0321263a54f2a9eb5a2aa43be7e\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"486aa789eadcf44ed87f972b209299c516454693\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"b6d20edb6e7cedb4eedb9e0193d20dd488ebae84\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"2.6.32.66\",\"lessThan\":\"2.6.33\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.2.67\",\"lessThan\":\"3.3\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.4.107\",\"lessThan\":\"3.5\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.10.64\",\"lessThan\":\"3.11\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.12.36\",\"lessThan\":\"3.13\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.14.28\",\"lessThan\":\"3.15\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.17.8\",\"lessThan\":\"3.18\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"3.18.2\",\"lessThan\":\"3.19\",\"versionType\":\"semver\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"fs/isofs/rock.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"3.19\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"3.19\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.10.258\",\"lessThanOrEqual\":\"5.10.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.15.209\",\"lessThanOrEqual\":\"5.15.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.175\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.140\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.88\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.30\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0.7\",\"lessThanOrEqual\":\"7.0.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.1\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.32.66\",\"versionEndExcluding\":\"2.6.33\",\"matchCriteriaId\":\"AE79466A-8004-4545-9F2B-9AE61FF25E49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.2.67\",\"versionEndExcluding\":\"3.3\",\"matchCriteriaId\":\"E339763B-0FFB-4F77-925F-B75B0574196F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.107\",\"versionEndExcluding\":\"3.5\",\"matchCriteriaId\":\"5D756A04-79C7-4DB6-9A50-9E8E5B2757F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.10.64\",\"versionEndExcluding\":\"3.11\",\"matchCriteriaId\":\"2B3FB946-FA61-41D1-8295-A7D889D63B3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.12.36\",\"versionEndExcluding\":\"3.13\",\"matchCriteriaId\":\"881E140A-B761-4577-B10F-CF48988916FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.14.28\",\"versionEndExcluding\":\"3.15\",\"matchCriteriaId\":\"BA5F1F71-BA36-4EC2-A59D-E285C9983115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17.8\",\"versionEndExcluding\":\"3.18\",\"matchCriteriaId\":\"1743B4F8-1859-415F-9EB5-A33C53ABCD2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.18.2\",\"versionEndExcluding\":\"5.10.258\",\"matchCriteriaId\":\"5C5C08E2-8006-4964-BA58-B339247E1301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.209\",\"matchCriteriaId\":\"919C10A9-7951-4A74-BADD-C135A0A8D8B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.175\",\"matchCriteriaId\":\"92385813-D91D-480D-83A1-F423D2CBB2BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.140\",\"matchCriteriaId\":\"A1A92866-F406-43B5-B2D1-CFC274753E9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.88\",\"matchCriteriaId\":\"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.30\",\"matchCriteriaId\":\"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"7.0.7\",\"matchCriteriaId\":\"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1EF7059-E670-45F4-B422-54C40FA86390\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/22b36fa081f38ab397c7697f9d539211b51a0cfc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8356fb821016797f5677cbeee5ddc0d32a95b4be\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a36d990f591320e9dd379ab30063ebfe91d47e1f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c9b37c8b73f6368e4750e5ccb0632c380b43c6e5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d582e12378bc1637f337622feef762f53c43fd57\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e69da8eeab74b4f4505024c38a17bce060fe7df8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ef048470c90bc8c1b8318bb2ce329da9ef64b9fe\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…