cve-2023-52855
Vulnerability from cvelistv5
Published
2024-05-21 15:31
Modified
2024-12-19 08:27
Summary
In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". In _dwc2_hcd_urb_dequeue(): spin_lock_irqsave(&hsotg->lock, flags); ... if (!urb->hcpriv) { dev_dbg(hsotg->dev, "## urb->hcpriv is NULL ##\n"); goto out; } rc = dwc2_hcd_urb_dequeue(hsotg, urb->hcpriv); // Use urb->hcpriv ... out: spin_unlock_irqrestore(&hsotg->lock, flags); When _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are concurrently executed, the NULL check of "urb->hcpriv" can be executed before "urb->hcpriv = NULL". After urb->hcpriv is NULL, it can be used in the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL pointer dereference. This possible bug is found by an experimental static analysis tool developed by myself. This tool analyzes the locking APIs to extract function pairs that can be concurrently executed, and then analyzes the instructions in the paired functions to identify possible concurrency bugs including data races and atomicity violations. The above possible bug is reported, when my tool analyzes the source code of Linux 6.5. To fix this possible bug, "urb->hcpriv = NULL" should be executed with holding the lock "hsotg->lock". After using this patch, my tool never reports the possible bug, with the kernelconfiguration allyesconfig for x86_64. Because I have no associated hardware, I cannot test the patch in runtime testing, and just verify it according to the code logic.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d
Impacted products
Vendor Product Version
Linux Linux Version: 4.2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52855",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:15:57.421865Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T14:51:47.408Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.070Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/dwc2/hcd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "14c9ec34e8118fbffd7f5431814d767726323e72",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            },
            {
              "lessThan": "fed492aa6493a91a77ebd51da6fb939c98d94a0d",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            },
            {
              "lessThan": "64c47749fc7507ed732e155c958253968c1d275e",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            },
            {
              "lessThan": "bdb3dd4096302d6b87441fdc528439f171b04be6",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            },
            {
              "lessThan": "fcaafb574fc88a52dce817f039f7ff2f9da38001",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            },
            {
              "lessThan": "6b21a22728852d020a6658d39cd7bb7e14b07790",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            },
            {
              "lessThan": "3e851a77a13ce944d703721793f49ee82622986d",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            },
            {
              "lessThan": "a7bee9598afb38004841a41dd8fe68c1faff4e90",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            },
            {
              "lessThan": "ef307bc6ef04e8c1ea843231db58e3afaafa9fa6",
              "status": "affected",
              "version": "33ad261aa62be02f0cedeb4d5735cc726de84a3f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/dwc2/hcd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.2"
            },
            {
              "lessThan": "4.2",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.299",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.261",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.201",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency\n\nIn _dwc2_hcd_urb_enqueue(), \"urb-\u003ehcpriv = NULL\" is executed without\nholding the lock \"hsotg-\u003elock\". In _dwc2_hcd_urb_dequeue():\n\n    spin_lock_irqsave(\u0026hsotg-\u003elock, flags);\n    ...\n\tif (!urb-\u003ehcpriv) {\n\t\tdev_dbg(hsotg-\u003edev, \"## urb-\u003ehcpriv is NULL ##\\n\");\n\t\tgoto out;\n\t}\n    rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u003ehcpriv); // Use urb-\u003ehcpriv\n    ...\nout:\n    spin_unlock_irqrestore(\u0026hsotg-\u003elock, flags);\n\nWhen _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are\nconcurrently executed, the NULL check of \"urb-\u003ehcpriv\" can be executed\nbefore \"urb-\u003ehcpriv = NULL\". After urb-\u003ehcpriv is NULL, it can be used\nin the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL\npointer dereference.\n\nThis possible bug is found by an experimental static analysis tool\ndeveloped by myself. This tool analyzes the locking APIs to extract\nfunction pairs that can be concurrently executed, and then analyzes the\ninstructions in the paired functions to identify possible concurrency\nbugs including data races and atomicity violations. The above possible\nbug is reported, when my tool analyzes the source code of Linux 6.5.\n\nTo fix this possible bug, \"urb-\u003ehcpriv = NULL\" should be executed with\nholding the lock \"hsotg-\u003elock\". After using this patch, my tool never\nreports the possible bug, with the kernelconfiguration allyesconfig for\nx86_64. Because I have no associated hardware, I cannot test the patch\nin runtime testing, and just verify it according to the code logic."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T08:27:16.724Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72"
        },
        {
          "url": "https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e"
        },
        {
          "url": "https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6"
        },
        {
          "url": "https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001"
        },
        {
          "url": "https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790"
        },
        {
          "url": "https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d"
        },
        {
          "url": "https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6"
        }
      ],
      "title": "usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52855",
    "datePublished": "2024-05-21T15:31:49.909Z",
    "dateReserved": "2024-05-21T15:19:24.257Z",
    "dateUpdated": "2024-12-19T08:27:16.724Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52855\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-21T16:15:22.453\",\"lastModified\":\"2024-11-21T08:40:43.770\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency\\n\\nIn _dwc2_hcd_urb_enqueue(), \\\"urb-\u003ehcpriv = NULL\\\" is executed without\\nholding the lock \\\"hsotg-\u003elock\\\". In _dwc2_hcd_urb_dequeue():\\n\\n    spin_lock_irqsave(\u0026hsotg-\u003elock, flags);\\n    ...\\n\\tif (!urb-\u003ehcpriv) {\\n\\t\\tdev_dbg(hsotg-\u003edev, \\\"## urb-\u003ehcpriv is NULL ##\\\\n\\\");\\n\\t\\tgoto out;\\n\\t}\\n    rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u003ehcpriv); // Use urb-\u003ehcpriv\\n    ...\\nout:\\n    spin_unlock_irqrestore(\u0026hsotg-\u003elock, flags);\\n\\nWhen _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are\\nconcurrently executed, the NULL check of \\\"urb-\u003ehcpriv\\\" can be executed\\nbefore \\\"urb-\u003ehcpriv = NULL\\\". After urb-\u003ehcpriv is NULL, it can be used\\nin the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL\\npointer dereference.\\n\\nThis possible bug is found by an experimental static analysis tool\\ndeveloped by myself. This tool analyzes the locking APIs to extract\\nfunction pairs that can be concurrently executed, and then analyzes the\\ninstructions in the paired functions to identify possible concurrency\\nbugs including data races and atomicity violations. The above possible\\nbug is reported, when my tool analyzes the source code of Linux 6.5.\\n\\nTo fix this possible bug, \\\"urb-\u003ehcpriv = NULL\\\" should be executed with\\nholding the lock \\\"hsotg-\u003elock\\\". After using this patch, my tool never\\nreports the possible bug, with the kernelconfiguration allyesconfig for\\nx86_64. Because I have no associated hardware, I cannot test the patch\\nin runtime testing, and just verify it according to the code logic.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: dwc2: corrige posible desreferencia de puntero NULL causada por concurrencia de controladores. En _dwc2_hcd_urb_enqueue(), \\\"urb-\u0026gt;hcpriv = NULL\\\" se ejecuta sin mantener presionado el bloqueo \\\"hsotg-\u0026gt;lock\\\" . En _dwc2_hcd_urb_dequeue(): spin_lock_irqsave(\u0026amp;hsotg-\u0026gt;lock, flags); ... if (!urb-\u0026gt;hcpriv) { dev_dbg(hsotg-\u0026gt;dev, \\\"## urb-\u0026gt;hcpriv es NULL ##\\\\n\\\"); salir; } rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u0026gt;hcpriv); // Usa urb-\u0026gt;hcpriv ... out: spin_unlock_irqrestore(\u0026amp;hsotg-\u0026gt;lock, flags); Cuando _dwc2_hcd_urb_enqueue() y _dwc2_hcd_urb_dequeue() se ejecutan simult\u00e1neamente, la verificaci\u00f3n NULL de \\\"urb-\u0026gt;hcpriv\\\" se puede ejecutar antes de \\\"urb-\u0026gt;hcpriv = NULL\\\". Despu\u00e9s de que urb-\u0026gt;hcpriv sea NULL, se puede usar en la llamada de funci\u00f3n a dwc2_hcd_urb_dequeue(), lo que puede provocar una desreferencia del puntero NULL. Este posible error se encuentra mediante una herramienta experimental de an\u00e1lisis est\u00e1tico desarrollada por m\u00ed. Esta herramienta analiza las API de bloqueo para extraer pares de funciones que se pueden ejecutar simult\u00e1neamente y luego analiza las instrucciones en las funciones emparejadas para identificar posibles errores de concurrencia, incluidas ejecuci\u00f3ns de datos y violaciones de atomicidad. El posible error anterior se informa cuando mi herramienta analiza el c\u00f3digo fuente de Linux 6.5. Para corregir este posible error, se debe ejecutar \\\"urb-\u0026gt;hcpriv = NULL\\\" manteniendo presionado el bloqueo \\\"hsotg-\u0026gt;lock\\\". Despu\u00e9s de usar este parche, mi herramienta nunca informa el posible error, con la configuraci\u00f3n del kernel allyesconfig para x86_64. Como no tengo hardware asociado, no puedo probar el parche en tiempo de ejecuci\u00f3n y simplemente verificarlo de acuerdo con la l\u00f3gica del c\u00f3digo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/14c9ec34e8118fbffd7f5431814d767726323e72\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/3e851a77a13ce944d703721793f49ee82622986d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/64c47749fc7507ed732e155c958253968c1d275e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/6b21a22728852d020a6658d39cd7bb7e14b07790\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/a7bee9598afb38004841a41dd8fe68c1faff4e90\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/bdb3dd4096302d6b87441fdc528439f171b04be6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/ef307bc6ef04e8c1ea843231db58e3afaafa9fa6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/fcaafb574fc88a52dce817f039f7ff2f9da38001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/fed492aa6493a91a77ebd51da6fb939c98d94a0d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.