cve-2021-47542
Vulnerability from cvelistv5
Published
2024-05-24 15:09
Modified
2024-12-19 07:44
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() In qlcnic_83xx_add_rings(), the indirect function of ahw->hw_ops->alloc_mbx_args will be called to allocate memory for cmd.req.arg, and there is a dereference of it in qlcnic_83xx_add_rings(), which could lead to a NULL pointer dereference on failure of the indirect function like qlcnic_83xx_alloc_mbx_args(). Fix this bug by adding a check of alloc_mbx_args(), this patch imitates the logic of mbx_cmd()'s failure handling. This bug was found by a static analyzer. The analysis employs differential checking to identify inconsistent security operations (e.g., checks or kfrees) between two code paths and confirms that the inconsistent operations are not recovered in the current function or the callers, so they constitute bugs. Note that, as a bug found by static analysis, it can be a false positive or hard to trigger. Multiple researchers have cross-reviewed the bug. Builds with CONFIG_QLCNIC=m show no new warnings, and our static analyzer no longer warns about this code.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edfPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519fPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edfPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519fPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572Patch
Impacted products
Vendor Product Version
Linux Linux Version: 3.9
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47542",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-24T17:04:13.533892Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:29.864Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.608Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3a061d54e260b701b538873b43e399d9b8b83e03",
              "status": "affected",
              "version": "7f9664525f9cb507de9198a395a111371413f230",
              "versionType": "git"
            },
            {
              "lessThan": "b4f217d6fcc00c3fdc0921a7691f30be7490b073",
              "status": "affected",
              "version": "7f9664525f9cb507de9198a395a111371413f230",
              "versionType": "git"
            },
            {
              "lessThan": "550658a2d61e4eaf522c8ebc7fad76dc376bfb45",
              "status": "affected",
              "version": "7f9664525f9cb507de9198a395a111371413f230",
              "versionType": "git"
            },
            {
              "lessThan": "57af54a56024435d83e44c78449513b414eb6edf",
              "status": "affected",
              "version": "7f9664525f9cb507de9198a395a111371413f230",
              "versionType": "git"
            },
            {
              "lessThan": "bbeb0325a7460ebf1e03f5e0bfc5c652fba9519f",
              "status": "affected",
              "version": "7f9664525f9cb507de9198a395a111371413f230",
              "versionType": "git"
            },
            {
              "lessThan": "15fa12c119f869173f9b710cbe6a4a14071d2105",
              "status": "affected",
              "version": "7f9664525f9cb507de9198a395a111371413f230",
              "versionType": "git"
            },
            {
              "lessThan": "c5ef33c1489b2cd74368057fa00b5d2183bb5853",
              "status": "affected",
              "version": "7f9664525f9cb507de9198a395a111371413f230",
              "versionType": "git"
            },
            {
              "lessThan": "e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572",
              "status": "affected",
              "version": "7f9664525f9cb507de9198a395a111371413f230",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.9"
            },
            {
              "lessThan": "3.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.294",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.257",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.220",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.164",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.84",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()\n\nIn qlcnic_83xx_add_rings(), the indirect function of\nahw-\u003ehw_ops-\u003ealloc_mbx_args will be called to allocate memory for\ncmd.req.arg, and there is a dereference of it in qlcnic_83xx_add_rings(),\nwhich could lead to a NULL pointer dereference on failure of the\nindirect function like qlcnic_83xx_alloc_mbx_args().\n\nFix this bug by adding a check of alloc_mbx_args(), this patch\nimitates the logic of mbx_cmd()\u0027s failure handling.\n\nThis bug was found by a static analyzer. The analysis employs\ndifferential checking to identify inconsistent security operations\n(e.g., checks or kfrees) between two code paths and confirms that the\ninconsistent operations are not recovered in the current function or\nthe callers, so they constitute bugs.\n\nNote that, as a bug found by static analysis, it can be a false\npositive or hard to trigger. Multiple researchers have cross-reviewed\nthe bug.\n\nBuilds with CONFIG_QLCNIC=m show no new warnings, and our\nstatic analyzer no longer warns about this code."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T07:44:30.567Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073"
        },
        {
          "url": "https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45"
        },
        {
          "url": "https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edf"
        },
        {
          "url": "https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519f"
        },
        {
          "url": "https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105"
        },
        {
          "url": "https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853"
        },
        {
          "url": "https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572"
        }
      ],
      "title": "net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47542",
    "datePublished": "2024-05-24T15:09:48.578Z",
    "dateReserved": "2024-05-24T15:02:54.829Z",
    "dateUpdated": "2024-12-19T07:44:30.567Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-47542\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-24T15:15:18.550\",\"lastModified\":\"2024-11-21T06:36:30.193\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings()\\n\\nIn qlcnic_83xx_add_rings(), the indirect function of\\nahw-\u003ehw_ops-\u003ealloc_mbx_args will be called to allocate memory for\\ncmd.req.arg, and there is a dereference of it in qlcnic_83xx_add_rings(),\\nwhich could lead to a NULL pointer dereference on failure of the\\nindirect function like qlcnic_83xx_alloc_mbx_args().\\n\\nFix this bug by adding a check of alloc_mbx_args(), this patch\\nimitates the logic of mbx_cmd()\u0027s failure handling.\\n\\nThis bug was found by a static analyzer. The analysis employs\\ndifferential checking to identify inconsistent security operations\\n(e.g., checks or kfrees) between two code paths and confirms that the\\ninconsistent operations are not recovered in the current function or\\nthe callers, so they constitute bugs.\\n\\nNote that, as a bug found by static analysis, it can be a false\\npositive or hard to trigger. Multiple researchers have cross-reviewed\\nthe bug.\\n\\nBuilds with CONFIG_QLCNIC=m show no new warnings, and our\\nstatic analyzer no longer warns about this code.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: qlogic: qlcnic: corrigi\u00f3 una desreferencia de puntero NULL en qlcnic_83xx_add_rings() En qlcnic_83xx_add_rings(), se llamar\u00e1 a la funci\u00f3n indirecta de ahw-\u0026gt;hw_ops-\u0026gt;alloc_mbx_args para asignar memoria para cmd.req.arg, y hay una desreferencia del mismo en qlcnic_83xx_add_rings(), lo que podr\u00eda llevar a una desreferencia del puntero NULL en caso de falla de la funci\u00f3n indirecta como qlcnic_83xx_alloc_mbx_args(). Corrija este error agregando una verificaci\u00f3n de alloc_mbx_args(); este parche imita la l\u00f3gica del manejo de fallas de mbx_cmd(). Este error fue encontrado por un analizador est\u00e1tico. El an\u00e1lisis emplea verificaci\u00f3n diferencial para identificar operaciones de seguridad inconsistentes (por ejemplo, comprobaciones o kfrees) entre dos rutas de c\u00f3digo y confirma que las operaciones inconsistentes no se recuperan en la funci\u00f3n actual o en las personas que llaman, por lo que constituyen errores. Tenga en cuenta que, como error encontrado mediante an\u00e1lisis est\u00e1tico, puede ser un falso positivo o dif\u00edcil de activar. Varios investigadores han realizado una revisi\u00f3n cruzada del error. Las compilaciones con CONFIG_QLCNIC=m no muestran nuevas advertencias y nuestro analizador est\u00e1tico ya no advierte sobre este c\u00f3digo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.9\",\"versionEndExcluding\":\"4.4.294\",\"matchCriteriaId\":\"ADB9EFEF-ACB0-4A8F-AB11-363006921493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.292\",\"matchCriteriaId\":\"DB7F6C04-42D3-48A3-892D-2487383B9B6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.257\",\"matchCriteriaId\":\"7080D941-9847-42F5-BA50-0A03CFB61FD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.220\",\"matchCriteriaId\":\"FFE5D9F3-CF1C-4DE8-9116-2EBE7BDEF7FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.164\",\"matchCriteriaId\":\"D2D8DC10-1823-4334-BD0F-C1B620602FF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.84\",\"matchCriteriaId\":\"AE5B4333-2C46-40C3-8B42-0168AD91DDE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.7\",\"matchCriteriaId\":\"A696A60B-2782-4119-83DD-1EFFBC903F02\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/15fa12c119f869173f9b710cbe6a4a14071d2105\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3a061d54e260b701b538873b43e399d9b8b83e03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/550658a2d61e4eaf522c8ebc7fad76dc376bfb45\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/57af54a56024435d83e44c78449513b414eb6edf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b4f217d6fcc00c3fdc0921a7691f30be7490b073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bbeb0325a7460ebf1e03f5e0bfc5c652fba9519f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c5ef33c1489b2cd74368057fa00b5d2183bb5853\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e2dabc4f7e7b60299c20a36d6a7b24ed9bf8e572\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.