cve-2024-26687
Vulnerability from cvelistv5
Published
2024-04-03 14:54
Modified
2024-11-05 09:13
Severity ?
Summary
xen/events: close evtchn after mapping cleanup
Impacted products
LinuxLinux
LinuxLinux
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:14:12.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9470f5b2503cae994098dea9682aee15b313fa44"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0fc88aeb2e32b76db3fe6a624b8333dbe621b8fd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ea592baf9e41779fe9a0424c03dd2f324feca3b3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/585a344af6bcac222608a158fc2830ff02712af5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/20980195ec8d2e41653800c45c8c367fa1b1f2b4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9be71aa12afa91dfe457b3fb4a444c42b1ee036b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fa765c4b4aed2d64266b694520ecb025c862c5a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26687",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:53:07.213399Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:32.707Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/xen/events/events_base.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9470f5b2503c",
              "status": "affected",
              "version": "d46a78b05c0e",
              "versionType": "git"
            },
            {
              "lessThan": "0fc88aeb2e32",
              "status": "affected",
              "version": "d46a78b05c0e",
              "versionType": "git"
            },
            {
              "lessThan": "ea592baf9e41",
              "status": "affected",
              "version": "d46a78b05c0e",
              "versionType": "git"
            },
            {
              "lessThan": "585a344af6bc",
              "status": "affected",
              "version": "d46a78b05c0e",
              "versionType": "git"
            },
            {
              "lessThan": "20980195ec8d",
              "status": "affected",
              "version": "d46a78b05c0e",
              "versionType": "git"
            },
            {
              "lessThan": "9be71aa12afa",
              "status": "affected",
              "version": "d46a78b05c0e",
              "versionType": "git"
            },
            {
              "lessThan": "fa765c4b4aed",
              "status": "affected",
              "version": "d46a78b05c0e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/xen/events/events_base.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.37"
            },
            {
              "lessThan": "2.6.37",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.274",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.154",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.81",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/events: close evtchn after mapping cleanup\n\nshutdown_pirq and startup_pirq are not taking the\nirq_mapping_update_lock because they can\u0027t due to lock inversion. Both\nare called with the irq_desc-\u003elock being taking. The lock order,\nhowever, is first irq_mapping_update_lock and then irq_desc-\u003elock.\n\nThis opens multiple races:\n- shutdown_pirq can be interrupted by a function that allocates an event\n  channel:\n\n  CPU0                        CPU1\n  shutdown_pirq {\n    xen_evtchn_close(e)\n                              __startup_pirq {\n                                EVTCHNOP_bind_pirq\n                                  -\u003e returns just freed evtchn e\n                                set_evtchn_to_irq(e, irq)\n                              }\n    xen_irq_info_cleanup() {\n      set_evtchn_to_irq(e, -1)\n    }\n  }\n\n  Assume here event channel e refers here to the same event channel\n  number.\n  After this race the evtchn_to_irq mapping for e is invalid (-1).\n\n- __startup_pirq races with __unbind_from_irq in a similar way. Because\n  __startup_pirq doesn\u0027t take irq_mapping_update_lock it can grab the\n  evtchn that __unbind_from_irq is currently freeing and cleaning up. In\n  this case even though the event channel is allocated, its mapping can\n  be unset in evtchn_to_irq.\n\nThe fix is to first cleanup the mappings and then close the event\nchannel. In this way, when an event channel gets allocated it\u0027s\npotential previous evtchn_to_irq mappings are guaranteed to be unset already.\nThis is also the reverse order of the allocation where first the event\nchannel is allocated and then the mappings are setup.\n\nOn a 5.10 kernel prior to commit 3fcdaf3d7634 (\"xen/events: modify internal\n[un]bind interfaces\"), we hit a BUG like the following during probing of NVMe\ndevices. The issue is that during nvme_setup_io_queues, pci_free_irq\nis called for every device which results in a call to shutdown_pirq.\nWith many nvme devices it\u0027s therefore likely to hit this race during\nboot because there will be multiple calls to shutdown_pirq and\nstartup_pirq are running potentially in parallel.\n\n  ------------[ cut here ]------------\n  blkfront: xvda: barrier or flush: disabled; persistent grants: enabled; indirect descriptors: enabled; bounce buffer: enabled\n  kernel BUG at drivers/xen/events/events_base.c:499!\n  invalid opcode: 0000 [#1] SMP PTI\n  CPU: 44 PID: 375 Comm: kworker/u257:23 Not tainted 5.10.201-191.748.amzn2.x86_64 #1\n  Hardware name: Xen HVM domU, BIOS 4.11.amazon 08/24/2006\n  Workqueue: nvme-reset-wq nvme_reset_work\n  RIP: 0010:bind_evtchn_to_cpu+0xdf/0xf0\n  Code: 5d 41 5e c3 cc cc cc cc 44 89 f7 e8 2b 55 ad ff 49 89 c5 48 85 c0 0f 84 64 ff ff ff 4c 8b 68 30 41 83 fe ff 0f 85 60 ff ff ff \u003c0f\u003e 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00\n  RSP: 0000:ffffc9000d533b08 EFLAGS: 00010046\n  RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000006\n  RDX: 0000000000000028 RSI: 00000000ffffffff RDI: 00000000ffffffff\n  RBP: ffff888107419680 R08: 0000000000000000 R09: ffffffff82d72b00\n  R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000001ed\n  R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000002\n  FS:  0000000000000000(0000) GS:ffff88bc8b500000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 0000000000000000 CR3: 0000000002610001 CR4: 00000000001706e0\n  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n  Call Trace:\n   ? show_trace_log_lvl+0x1c1/0x2d9\n   ? show_trace_log_lvl+0x1c1/0x2d9\n   ? set_affinity_irq+0xdc/0x1c0\n   ? __die_body.cold+0x8/0xd\n   ? die+0x2b/0x50\n   ? do_trap+0x90/0x110\n   ? bind_evtchn_to_cpu+0xdf/0xf0\n   ? do_error_trap+0x65/0x80\n   ? bind_evtchn_to_cpu+0xdf/0xf0\n   ? exc_invalid_op+0x4e/0x70\n   ? bind_evtchn_to_cpu+0xdf/0xf0\n   ? asm_exc_invalid_op+0x12/0x20\n   ? bind_evtchn_to_cpu+0xdf/0x\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:13:54.073Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9470f5b2503cae994098dea9682aee15b313fa44"
        },
        {
          "url": "https://git.kernel.org/stable/c/0fc88aeb2e32b76db3fe6a624b8333dbe621b8fd"
        },
        {
          "url": "https://git.kernel.org/stable/c/ea592baf9e41779fe9a0424c03dd2f324feca3b3"
        },
        {
          "url": "https://git.kernel.org/stable/c/585a344af6bcac222608a158fc2830ff02712af5"
        },
        {
          "url": "https://git.kernel.org/stable/c/20980195ec8d2e41653800c45c8c367fa1b1f2b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/9be71aa12afa91dfe457b3fb4a444c42b1ee036b"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa765c4b4aed2d64266b694520ecb025c862c5a9"
        }
      ],
      "title": "xen/events: close evtchn after mapping cleanup",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26687",
    "datePublished": "2024-04-03T14:54:49.250Z",
    "dateReserved": "2024-02-19T14:20:24.154Z",
    "dateUpdated": "2024-11-05T09:13:54.073Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-26687\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-03T15:15:52.313\",\"lastModified\":\"2024-11-05T10:15:41.337\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nxen/events: close evtchn after mapping cleanup\\n\\nshutdown_pirq and startup_pirq are not taking the\\nirq_mapping_update_lock because they can\u0027t due to lock inversion. Both\\nare called with the irq_desc-\u003elock being taking. The lock order,\\nhowever, is first irq_mapping_update_lock and then irq_desc-\u003elock.\\n\\nThis opens multiple races:\\n- shutdown_pirq can be interrupted by a function that allocates an event\\n  channel:\\n\\n  CPU0                        CPU1\\n  shutdown_pirq {\\n    xen_evtchn_close(e)\\n                              __startup_pirq {\\n                                EVTCHNOP_bind_pirq\\n                                  -\u003e returns just freed evtchn e\\n                                set_evtchn_to_irq(e, irq)\\n                              }\\n    xen_irq_info_cleanup() {\\n      set_evtchn_to_irq(e, -1)\\n    }\\n  }\\n\\n  Assume here event channel e refers here to the same event channel\\n  number.\\n  After this race the evtchn_to_irq mapping for e is invalid (-1).\\n\\n- __startup_pirq races with __unbind_from_irq in a similar way. Because\\n  __startup_pirq doesn\u0027t take irq_mapping_update_lock it can grab the\\n  evtchn that __unbind_from_irq is currently freeing and cleaning up. In\\n  this case even though the event channel is allocated, its mapping can\\n  be unset in evtchn_to_irq.\\n\\nThe fix is to first cleanup the mappings and then close the event\\nchannel. In this way, when an event channel gets allocated it\u0027s\\npotential previous evtchn_to_irq mappings are guaranteed to be unset already.\\nThis is also the reverse order of the allocation where first the event\\nchannel is allocated and then the mappings are setup.\\n\\nOn a 5.10 kernel prior to commit 3fcdaf3d7634 (\\\"xen/events: modify internal\\n[un]bind interfaces\\\"), we hit a BUG like the following during probing of NVMe\\ndevices. The issue is that during nvme_setup_io_queues, pci_free_irq\\nis called for every device which results in a call to shutdown_pirq.\\nWith many nvme devices it\u0027s therefore likely to hit this race during\\nboot because there will be multiple calls to shutdown_pirq and\\nstartup_pirq are running potentially in parallel.\\n\\n  ------------[ cut here ]------------\\n  blkfront: xvda: barrier or flush: disabled; persistent grants: enabled; indirect descriptors: enabled; bounce buffer: enabled\\n  kernel BUG at drivers/xen/events/events_base.c:499!\\n  invalid opcode: 0000 [#1] SMP PTI\\n  CPU: 44 PID: 375 Comm: kworker/u257:23 Not tainted 5.10.201-191.748.amzn2.x86_64 #1\\n  Hardware name: Xen HVM domU, BIOS 4.11.amazon 08/24/2006\\n  Workqueue: nvme-reset-wq nvme_reset_work\\n  RIP: 0010:bind_evtchn_to_cpu+0xdf/0xf0\\n  Code: 5d 41 5e c3 cc cc cc cc 44 89 f7 e8 2b 55 ad ff 49 89 c5 48 85 c0 0f 84 64 ff ff ff 4c 8b 68 30 41 83 fe ff 0f 85 60 ff ff ff \u003c0f\u003e 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00\\n  RSP: 0000:ffffc9000d533b08 EFLAGS: 00010046\\n  RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000006\\n  RDX: 0000000000000028 RSI: 00000000ffffffff RDI: 00000000ffffffff\\n  RBP: ffff888107419680 R08: 0000000000000000 R09: ffffffff82d72b00\\n  R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000001ed\\n  R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000002\\n  FS:  0000000000000000(0000) GS:ffff88bc8b500000(0000) knlGS:0000000000000000\\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n  CR2: 0000000000000000 CR3: 0000000002610001 CR4: 00000000001706e0\\n  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\\n  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\\n  Call Trace:\\n   ? show_trace_log_lvl+0x1c1/0x2d9\\n   ? show_trace_log_lvl+0x1c1/0x2d9\\n   ? set_affinity_irq+0xdc/0x1c0\\n   ? __die_body.cold+0x8/0xd\\n   ? die+0x2b/0x50\\n   ? do_trap+0x90/0x110\\n   ? bind_evtchn_to_cpu+0xdf/0xf0\\n   ? do_error_trap+0x65/0x80\\n   ? bind_evtchn_to_cpu+0xdf/0xf0\\n   ? exc_invalid_op+0x4e/0x70\\n   ? bind_evtchn_to_cpu+0xdf/0xf0\\n   ? asm_exc_invalid_op+0x12/0x20\\n   ? bind_evtchn_to_cpu+0xdf/0x\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: xen/events: cierre evtchn despu\u00e9s de la limpieza del mapeo. Shutdown_pirq y startup_pirq no est\u00e1n tomando irq_mapping_update_lock porque no pueden hacerlo debido a la inversi\u00f3n de bloqueo. Ambos se llaman con el irq_desc-\u0026gt;lock en curso. Sin embargo, el orden de bloqueo es primero irq_mapping_update_lock y luego irq_desc-\u0026gt;lock. Esto abre m\u00faltiples ejecuci\u00f3ns: - Shutdown_pirq puede ser interrumpido por una funci\u00f3n que asigna un canal de evento: CPU0 CPU1 Shutdown_pirq { xen_evtchn_close(e) __startup_pirq { EVTCHNOP_bind_pirq -\u0026gt; devuelve el evtchn e set_evtchn_to_irq(e, irq) reci\u00e9n liberado} xen_irq_info_cleanup() { set_evtchn_to_irq( e, -1) } } Supongamos que aqu\u00ed el canal de eventos e se refiere aqu\u00ed al mismo n\u00famero de canal de eventos. Despu\u00e9s de esta ejecuci\u00f3n, el mapeo evtchn_to_irq para e no es v\u00e1lido (-1). - __startup_pirq compite con __unbind_from_irq de manera similar. Debido a que __startup_pirq no toma irq_mapping_update_lock, puede tomar el evtchn que __unbind_from_irq est\u00e1 liberando y limpiando actualmente. En este caso, aunque el canal de eventos est\u00e9 asignado, su asignaci\u00f3n se puede desarmar en evtchn_to_irq. La soluci\u00f3n es limpiar primero las asignaciones y luego cerrar el canal de eventos. De esta manera, cuando se asigna un canal de eventos, se garantiza que sus posibles asignaciones anteriores de evtchn_to_irq ya no estar\u00e1n configuradas. Este es tambi\u00e9n el orden inverso de la asignaci\u00f3n donde primero se asigna el canal de evento y luego se configuran las asignaciones. En un kernel 5.10 antes de commit 3fcdaf3d7634 (\\\"xen/events: modificar interfaces internas [un]bind\\\"), encontramos un ERROR como el siguiente durante el sondeo de dispositivos NVMe. El problema es que durante nvme_setup_io_queues, se llama a pci_free_irq para cada dispositivo, lo que resulta en una llamada a Shutdown_pirq. Por lo tanto, con muchos dispositivos nvme es probable que alcance esta ejecuci\u00f3n durante el arranque porque habr\u00e1 m\u00faltiples llamadas a Shutdown_pirq y startup_pirq que se ejecutan potencialmente en paralelo. ------------[ cortar aqu\u00ed ]------------ blkfront: xvda: barrera o descarga: deshabilitado; subvenciones persistentes: habilitadas; descriptores indirectos: habilitado; b\u00fafer de rebote: \u00a1ERROR del kernel habilitado en drivers/xen/events/events_base.c:499! c\u00f3digo de operaci\u00f3n no v\u00e1lido: 0000 [#1] SMP PTI CPU: 44 PID: 375 Comm: kworker/u257:23 No contaminado 5.10.201-191.748.amzn2.x86_64 #1 Nombre de hardware: Xen HVM domU, BIOS 4.11.amazon 24/08 /2006 Cola de trabajo: nvme-reset-wq nvme_reset_work RIP: 0010:bind_evtchn_to_cpu+0xdf/0xf0 C\u00f3digo: 5d 41 5e c3 cc cc cc cc 44 89 f7 e8 2b 55 ad ff 49 89 c5 48 85 c0 0f 84 64 ff ff ff 4c 8b 68 30 41 83 fe ff 0f 85 60 ff ff ff \u0026lt;0f\u0026gt; 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00 RSP: 0000:ffffc9000d533b08 EFLAGS: 00010046 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000006 RDX: 0000000000000028 RSI: 00000000ffffffff RDI: 00000000ffffffff RBP: ffff888107419680 R08: 00000000000 00000 R09: ffffffff82d72b00 R10: 00000000000000000 R11: 0000000000000000 R12: 00000000000001ed R13: 00000000000000000 R14: 00000000ffffffff R15 : 0000000000000002 FS: 0000000000000000(0000) GS:ffff88bc8b500000( 0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000000 CR3: 0000000002610001 CR4: 000000000017 06e0 DR0: 0000000000000000 DR1: 00000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Seguimiento de llamadas: ? show_trace_log_lvl+0x1c1/0x2d9? show_trace_log_lvl+0x1c1/0x2d9? set_affinity_irq+0xdc/0x1c0? __die_body.cold+0x8/0xd ? morir+0x2b/0x50 ? do_trap+0x90/0x110? bind_evtchn_to_cpu+0xdf/0xf0? do_error_trap+0x65/0x80? bind_evtchn_to_cpu+0xdf/0xf0? exc_invalid_op+0x4e/0x70? bind_evtchn_to_cpu+0xdf/0xf0? asm_exc_invalid_op+0x12/0x20? bind_evtchn_to_cpu+0xdf/0x ---truncado---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0fc88aeb2e32b76db3fe6a624b8333dbe621b8fd\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/20980195ec8d2e41653800c45c8c367fa1b1f2b4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/585a344af6bcac222608a158fc2830ff02712af5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9470f5b2503cae994098dea9682aee15b313fa44\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9be71aa12afa91dfe457b3fb4a444c42b1ee036b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ea592baf9e41779fe9a0424c03dd2f324feca3b3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fa765c4b4aed2d64266b694520ecb025c862c5a9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.