cve-2024-40927
Vulnerability from cvelistv5
Published
2024-07-12 12:25
Modified
2024-12-19 09:08
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. We need to issue a Set TR Dequeue Pointer for each, to ensure everything is reset properly and the caches cleared. Change the logic so that any N>1 TDs found active for different streams are deferred until after the first one is processed, calling xhci_invalidate_cancelled_tds() again from xhci_handle_cmd_set_deq() to queue another command until we are done with all of them. Also change the error/"should never happen" paths to ensure we at least clear any affected TDs, even if we can't issue a command to clear the hardware cache, and complain loudly with an xhci_warn() if this ever happens. This problem case dates back to commit e9df17eb1408 ("USB: xhci: Correct assumptions about number of rings per endpoint.") early on in the XHCI driver's life, when stream support was first added. It was then identified but not fixed nor made into a warning in commit 674f8438c121 ("xhci: split handling halted endpoints into two steps"), which added a FIXME comment for the problem case (without materially changing the behavior as far as I can tell, though the new logic made the problem more obvious). Then later, in commit 94f339147fc3 ("xhci: Fix failure to give back some cached cancelled URBs."), it was acknowledged again. [Mathias: commit 94f339147fc3 ("xhci: Fix failure to give back some cached cancelled URBs.") was a targeted regression fix to the previously mentioned patch. Users reported issues with usb stuck after unmounting/disconnecting UAS devices. This rolled back the TD clearing of multiple streams to its original state.] Apparently the commit author was aware of the problem (yet still chose to submit it): It was still mentioned as a FIXME, an xhci_dbg() was added to log the problem condition, and the remaining issue was mentioned in the commit description. The choice of making the log type xhci_dbg() for what is, at this point, a completely unhandled and known broken condition is puzzling and unfortunate, as it guarantees that no actual users would see the log in production, thereby making it nigh undebuggable (indeed, even if you turn on DEBUG, the message doesn't really hint at there being a problem at all). It took me *months* of random xHC crashes to finally find a reliable repro and be able to do a deep dive debug session, which could all have been avoided had this unhandled, broken condition been actually reported with a warning, as it should have been as a bug intentionally left in unfixed (never mind that it shouldn't have been left in at all). > Another fix to solve clearing the caches of all stream rings with > cancelled TDs is needed, but not as urgent. 3 years after that statement and 14 years after the original bug was introduced, I think it's finally time to fix it. And maybe next time let's not leave bugs unfixed (that are actually worse than the original bug), and let's actually get people to review kernel commits please. Fixes xHC crashes and IOMMU faults with UAS devices when handling errors/faults. Easiest repro is to use `hdparm` to mark an early sector (e.g. 1024) on a disk as bad, then `cat /dev/sdX > /dev/null` in a loop. At least in the case of JMicron controllers, the read errors end up having to cancel two TDs (for two queued requests to different streams) and the one that didn't get cleared properly ends up faulting the xHC entirely when it tries to access DMA pages that have since been unmapped, referred to by the stale TDs. This normally happens quickly (after two or three loops). After this fix, I left the `cat` in a loop running overnight and experienced no xHC failures, with all read errors recovered properly. Repro'd and tested on an Apple M1 Mac Mini (dwc3 host). On systems without an IOMMU, this bug would instead silently corrupt freed memory, making this a ---truncated---
Impacted products
Vendor Product Version
Linux Linux Version: 2.6.35
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:39:55.945Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/26460c1afa311524f588e288a4941432f0de6228"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/633f72cb6124ecda97b641fbc119340bd88d51a9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/949be4ec5835e0ccb3e2a8ab0e46179cb5512518"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/61593dc413c3655e4328a351555235bc3089486a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5ceac4402f5d975e5a01c806438eb4e554771577"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40927",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:05:11.586761Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:03.177Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/host/xhci-ring.c",
            "drivers/usb/host/xhci.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "26460c1afa311524f588e288a4941432f0de6228",
              "status": "affected",
              "version": "e9df17eb1408cfafa3d1844bfc7f22c7237b31b8",
              "versionType": "git"
            },
            {
              "lessThan": "633f72cb6124ecda97b641fbc119340bd88d51a9",
              "status": "affected",
              "version": "e9df17eb1408cfafa3d1844bfc7f22c7237b31b8",
              "versionType": "git"
            },
            {
              "lessThan": "949be4ec5835e0ccb3e2a8ab0e46179cb5512518",
              "status": "affected",
              "version": "e9df17eb1408cfafa3d1844bfc7f22c7237b31b8",
              "versionType": "git"
            },
            {
              "lessThan": "61593dc413c3655e4328a351555235bc3089486a",
              "status": "affected",
              "version": "e9df17eb1408cfafa3d1844bfc7f22c7237b31b8",
              "versionType": "git"
            },
            {
              "lessThan": "5ceac4402f5d975e5a01c806438eb4e554771577",
              "status": "affected",
              "version": "e9df17eb1408cfafa3d1844bfc7f22c7237b31b8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/host/xhci-ring.c",
            "drivers/usb/host/xhci.h"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.35"
            },
            {
              "lessThan": "2.6.35",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.162",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.35",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Handle TD clearing for multiple streams case\n\nWhen multiple streams are in use, multiple TDs might be in flight when\nan endpoint is stopped. We need to issue a Set TR Dequeue Pointer for\neach, to ensure everything is reset properly and the caches cleared.\nChange the logic so that any N\u003e1 TDs found active for different streams\nare deferred until after the first one is processed, calling\nxhci_invalidate_cancelled_tds() again from xhci_handle_cmd_set_deq() to\nqueue another command until we are done with all of them. Also change\nthe error/\"should never happen\" paths to ensure we at least clear any\naffected TDs, even if we can\u0027t issue a command to clear the hardware\ncache, and complain loudly with an xhci_warn() if this ever happens.\n\nThis problem case dates back to commit e9df17eb1408 (\"USB: xhci: Correct\nassumptions about number of rings per endpoint.\") early on in the XHCI\ndriver\u0027s life, when stream support was first added.\nIt was then identified but not fixed nor made into a warning in commit\n674f8438c121 (\"xhci: split handling halted endpoints into two steps\"),\nwhich added a FIXME comment for the problem case (without materially\nchanging the behavior as far as I can tell, though the new logic made\nthe problem more obvious).\n\nThen later, in commit 94f339147fc3 (\"xhci: Fix failure to give back some\ncached cancelled URBs.\"), it was acknowledged again.\n\n[Mathias: commit 94f339147fc3 (\"xhci: Fix failure to give back some cached\ncancelled URBs.\") was a targeted regression fix to the previously mentioned\npatch. Users reported issues with usb stuck after unmounting/disconnecting\nUAS devices. This rolled back the TD clearing of multiple streams to its\noriginal state.]\n\nApparently the commit author was aware of the problem (yet still chose\nto submit it): It was still mentioned as a FIXME, an xhci_dbg() was\nadded to log the problem condition, and the remaining issue was mentioned\nin the commit description. The choice of making the log type xhci_dbg()\nfor what is, at this point, a completely unhandled and known broken\ncondition is puzzling and unfortunate, as it guarantees that no actual\nusers would see the log in production, thereby making it nigh\nundebuggable (indeed, even if you turn on DEBUG, the message doesn\u0027t\nreally hint at there being a problem at all).\n\nIt took me *months* of random xHC crashes to finally find a reliable\nrepro and be able to do a deep dive debug session, which could all have\nbeen avoided had this unhandled, broken condition been actually reported\nwith a warning, as it should have been as a bug intentionally left in\nunfixed (never mind that it shouldn\u0027t have been left in at all).\n\n\u003e Another fix to solve clearing the caches of all stream rings with\n\u003e cancelled TDs is needed, but not as urgent.\n\n3 years after that statement and 14 years after the original bug was\nintroduced, I think it\u0027s finally time to fix it. And maybe next time\nlet\u0027s not leave bugs unfixed (that are actually worse than the original\nbug), and let\u0027s actually get people to review kernel commits please.\n\nFixes xHC crashes and IOMMU faults with UAS devices when handling\nerrors/faults. Easiest repro is to use `hdparm` to mark an early sector\n(e.g. 1024) on a disk as bad, then `cat /dev/sdX \u003e /dev/null` in a loop.\nAt least in the case of JMicron controllers, the read errors end up\nhaving to cancel two TDs (for two queued requests to different streams)\nand the one that didn\u0027t get cleared properly ends up faulting the xHC\nentirely when it tries to access DMA pages that have since been unmapped,\nreferred to by the stale TDs. This normally happens quickly (after two\nor three loops). After this fix, I left the `cat` in a loop running\novernight and experienced no xHC failures, with all read errors\nrecovered properly. Repro\u0027d and tested on an Apple M1 Mac Mini\n(dwc3 host).\n\nOn systems without an IOMMU, this bug would instead silently corrupt\nfreed memory, making this a\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T09:08:21.011Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/26460c1afa311524f588e288a4941432f0de6228"
        },
        {
          "url": "https://git.kernel.org/stable/c/633f72cb6124ecda97b641fbc119340bd88d51a9"
        },
        {
          "url": "https://git.kernel.org/stable/c/949be4ec5835e0ccb3e2a8ab0e46179cb5512518"
        },
        {
          "url": "https://git.kernel.org/stable/c/61593dc413c3655e4328a351555235bc3089486a"
        },
        {
          "url": "https://git.kernel.org/stable/c/5ceac4402f5d975e5a01c806438eb4e554771577"
        }
      ],
      "title": "xhci: Handle TD clearing for multiple streams case",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-40927",
    "datePublished": "2024-07-12T12:25:07.101Z",
    "dateReserved": "2024-07-12T12:17:45.583Z",
    "dateUpdated": "2024-12-19T09:08:21.011Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-40927\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-12T13:15:15.477\",\"lastModified\":\"2024-11-21T09:31:53.210\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nxhci: Handle TD clearing for multiple streams case\\n\\nWhen multiple streams are in use, multiple TDs might be in flight when\\nan endpoint is stopped. We need to issue a Set TR Dequeue Pointer for\\neach, to ensure everything is reset properly and the caches cleared.\\nChange the logic so that any N\u003e1 TDs found active for different streams\\nare deferred until after the first one is processed, calling\\nxhci_invalidate_cancelled_tds() again from xhci_handle_cmd_set_deq() to\\nqueue another command until we are done with all of them. Also change\\nthe error/\\\"should never happen\\\" paths to ensure we at least clear any\\naffected TDs, even if we can\u0027t issue a command to clear the hardware\\ncache, and complain loudly with an xhci_warn() if this ever happens.\\n\\nThis problem case dates back to commit e9df17eb1408 (\\\"USB: xhci: Correct\\nassumptions about number of rings per endpoint.\\\") early on in the XHCI\\ndriver\u0027s life, when stream support was first added.\\nIt was then identified but not fixed nor made into a warning in commit\\n674f8438c121 (\\\"xhci: split handling halted endpoints into two steps\\\"),\\nwhich added a FIXME comment for the problem case (without materially\\nchanging the behavior as far as I can tell, though the new logic made\\nthe problem more obvious).\\n\\nThen later, in commit 94f339147fc3 (\\\"xhci: Fix failure to give back some\\ncached cancelled URBs.\\\"), it was acknowledged again.\\n\\n[Mathias: commit 94f339147fc3 (\\\"xhci: Fix failure to give back some cached\\ncancelled URBs.\\\") was a targeted regression fix to the previously mentioned\\npatch. Users reported issues with usb stuck after unmounting/disconnecting\\nUAS devices. This rolled back the TD clearing of multiple streams to its\\noriginal state.]\\n\\nApparently the commit author was aware of the problem (yet still chose\\nto submit it): It was still mentioned as a FIXME, an xhci_dbg() was\\nadded to log the problem condition, and the remaining issue was mentioned\\nin the commit description. The choice of making the log type xhci_dbg()\\nfor what is, at this point, a completely unhandled and known broken\\ncondition is puzzling and unfortunate, as it guarantees that no actual\\nusers would see the log in production, thereby making it nigh\\nundebuggable (indeed, even if you turn on DEBUG, the message doesn\u0027t\\nreally hint at there being a problem at all).\\n\\nIt took me *months* of random xHC crashes to finally find a reliable\\nrepro and be able to do a deep dive debug session, which could all have\\nbeen avoided had this unhandled, broken condition been actually reported\\nwith a warning, as it should have been as a bug intentionally left in\\nunfixed (never mind that it shouldn\u0027t have been left in at all).\\n\\n\u003e Another fix to solve clearing the caches of all stream rings with\\n\u003e cancelled TDs is needed, but not as urgent.\\n\\n3 years after that statement and 14 years after the original bug was\\nintroduced, I think it\u0027s finally time to fix it. And maybe next time\\nlet\u0027s not leave bugs unfixed (that are actually worse than the original\\nbug), and let\u0027s actually get people to review kernel commits please.\\n\\nFixes xHC crashes and IOMMU faults with UAS devices when handling\\nerrors/faults. Easiest repro is to use `hdparm` to mark an early sector\\n(e.g. 1024) on a disk as bad, then `cat /dev/sdX \u003e /dev/null` in a loop.\\nAt least in the case of JMicron controllers, the read errors end up\\nhaving to cancel two TDs (for two queued requests to different streams)\\nand the one that didn\u0027t get cleared properly ends up faulting the xHC\\nentirely when it tries to access DMA pages that have since been unmapped,\\nreferred to by the stale TDs. This normally happens quickly (after two\\nor three loops). After this fix, I left the `cat` in a loop running\\novernight and experienced no xHC failures, with all read errors\\nrecovered properly. Repro\u0027d and tested on an Apple M1 Mac Mini\\n(dwc3 host).\\n\\nOn systems without an IOMMU, this bug would instead silently corrupt\\nfreed memory, making this a\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xhci: Manejar el borrado de TD para el caso de m\u00faltiples flujos Cuando se utilizan m\u00faltiples flujos, es posible que haya m\u00faltiples TD en vuelo cuando se detiene un endpoint. Necesitamos emitir un puntero de salida de cola TR para cada uno, para garantizar que todo se restablezca correctamente y se borren los cach\u00e9s. Cambie la l\u00f3gica para que cualquier N\u0026gt;1 TD que se encuentre activo para diferentes flujos se difiera hasta despu\u00e9s de que se procese el primero, llamando a xhci_invalidate_cancelled_tds() nuevamente desde xhci_handle_cmd_set_deq() para poner en cola otro comando hasta que hayamos terminado con todos ellos. Tambi\u00e9n cambie las rutas de error/\\\"nunca deber\u00eda suceder\\\" para asegurarnos de que al menos borramos los TD afectados, incluso si no podemos emitir un comando para borrar el cach\u00e9 del hardware, y quejarnos en voz alta con un xhci_warn() si esto alguna vez sucede. Este caso de problema se remonta al commit e9df17eb1408 (\\\"USB: xhci: Suposiciones correctas sobre el n\u00famero de anillos por endpoint.\\\") al principio de la vida del controlador XHCI, cuando se agreg\u00f3 por primera vez el soporte de transmisi\u00f3n. Luego se identific\u00f3, pero no se solucion\u00f3 ni se convirti\u00f3 en una advertencia en el commit 674f8438c121 (\\\"xhci: dividir el manejo de endpoints detenidos en dos pasos\\\"), que agreg\u00f3 un comentario FIXME para el caso del problema (sin cambiar materialmente el comportamiento, hasta donde yo s\u00e9). , aunque la nueva l\u00f3gica hizo que el problema fuera m\u00e1s obvio). Luego, m\u00e1s tarde, en el commit 94f339147fc3 (\\\"xhci: Se corrigi\u00f3 el error al devolver algunas URB canceladas en cach\u00e9\\\"), se reconoci\u00f3 nuevamente. [Mathias: commit 94f339147fc3 (\\\"xhci: Se corrigi\u00f3 el error al devolver algunas URB canceladas en cach\u00e9\\\") fue una soluci\u00f3n de regresi\u00f3n espec\u00edfica para el parche mencionado anteriormente. Los usuarios informaron problemas con el USB atascado despu\u00e9s de desmontar/desconectar dispositivos UAS. Esto revirti\u00f3 la limpieza de TD de m\u00faltiples transmisiones a su estado original.] Aparentemente, el autor de el commit estaba al tanto del problema (pero a\u00fan as\u00ed decidi\u00f3 enviarlo): todav\u00eda se mencionaba como FIXME, se agreg\u00f3 un xhci_dbg() para registrar el condici\u00f3n del problema y el problema restante se mencion\u00f3 en la descripci\u00f3n de El commit. La elecci\u00f3n de crear el tipo de registro xhci_dbg() para lo que, en este momento, es una condici\u00f3n rota completamente no controlada y conocida es desconcertante y desafortunada, ya que garantiza que ning\u00fan usuario real ver\u00e1 el registro en producci\u00f3n, lo que lo hace casi no depurable ( de hecho, incluso si activa DEBUG, el mensaje realmente no indica que haya ning\u00fan problema). Me tom\u00f3 *meses* de fallas aleatorias de xHC para finalmente encontrar una reproducci\u00f3n confiable y poder realizar una sesi\u00f3n de depuraci\u00f3n profunda, que podr\u00eda haberse evitado si esta condici\u00f3n rota y no controlada se hubiera informado con una advertencia, como deber\u00eda haber sido. ha sido un error que se dej\u00f3 intencionalmente sin corregir (sin importar que no deber\u00eda haberse dejado en absoluto). \u0026gt; Se necesita otra soluci\u00f3n para solucionar el borrado de los cach\u00e9s de todos los anillos de transmisi\u00f3n con \u0026gt; TD cancelados, pero no es tan urgente. 3 a\u00f1os despu\u00e9s de esa declaraci\u00f3n y 14 a\u00f1os despu\u00e9s de que se introdujo el error original, creo que finalmente es hora de solucionarlo. Y tal vez la pr\u00f3xima vez no dejemos errores sin corregir (que en realidad son peores que el error original), y hagamos que la gente revise las confirmaciones del kernel, por favor. Soluciona fallas de xHC y fallas de IOMMU con dispositivos UAS al manejar errores/fallas. La reproducci\u00f3n m\u00e1s sencilla es usar `hdparm` para marcar un sector inicial (por ejemplo, 1024) en un disco como defectuoso, luego `cat /dev/sdX \u0026gt; /dev/null` en un bucle. ---truncado---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/26460c1afa311524f588e288a4941432f0de6228\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/5ceac4402f5d975e5a01c806438eb4e554771577\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/61593dc413c3655e4328a351555235bc3089486a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/633f72cb6124ecda97b641fbc119340bd88d51a9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/949be4ec5835e0ccb3e2a8ab0e46179cb5512518\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/26460c1afa311524f588e288a4941432f0de6228\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/5ceac4402f5d975e5a01c806438eb4e554771577\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/61593dc413c3655e4328a351555235bc3089486a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/633f72cb6124ecda97b641fbc119340bd88d51a9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/949be4ec5835e0ccb3e2a8ab0e46179cb5512518\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.