CVE-2025-39831 (GCVE-0-2025-39831)

Vulnerability from cvelistv5 – Published: 2025-09-16 13:08 – Updated: 2025-09-29 06:00
VLAI?
Title
fbnic: Move phylink resume out of service_task and into open/close
Summary
In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of service_task and into open/close The fbnic driver was presenting with the following locking assert coming out of a PM resume: [ 42.208116][ T164] RTNL: assertion failed at drivers/net/phy/phylink.c (2611) [ 42.208492][ T164] WARNING: CPU: 1 PID: 164 at drivers/net/phy/phylink.c:2611 phylink_resume+0x190/0x1e0 [ 42.208872][ T164] Modules linked in: [ 42.209140][ T164] CPU: 1 UID: 0 PID: 164 Comm: bash Not tainted 6.17.0-rc2-virtme #134 PREEMPT(full) [ 42.209496][ T164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-5.fc42 04/01/2014 [ 42.209861][ T164] RIP: 0010:phylink_resume+0x190/0x1e0 [ 42.210057][ T164] Code: 83 e5 01 0f 85 b0 fe ff ff c6 05 1c cd 3e 02 01 90 ba 33 0a 00 00 48 c7 c6 20 3a 1d a5 48 c7 c7 e0 3e 1d a5 e8 21 b8 90 fe 90 <0f> 0b 90 90 e9 86 fe ff ff e8 42 ea 1f ff e9 e2 fe ff ff 48 89 ef [ 42.210708][ T164] RSP: 0018:ffffc90000affbd8 EFLAGS: 00010296 [ 42.210983][ T164] RAX: 0000000000000000 RBX: ffff8880078d8400 RCX: 0000000000000000 [ 42.211235][ T164] RDX: 0000000000000000 RSI: 1ffffffff4f10938 RDI: 0000000000000001 [ 42.211466][ T164] RBP: 0000000000000000 R08: ffffffffa2ae79ea R09: fffffbfff4b3eb84 [ 42.211707][ T164] R10: 0000000000000003 R11: 0000000000000000 R12: ffff888007ad8000 [ 42.211997][ T164] R13: 0000000000000002 R14: ffff888006a18800 R15: ffffffffa34c59e0 [ 42.212234][ T164] FS: 00007f0dc8e39740(0000) GS:ffff88808f51f000(0000) knlGS:0000000000000000 [ 42.212505][ T164] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.212704][ T164] CR2: 00007f0dc8e9fe10 CR3: 000000000b56d003 CR4: 0000000000772ef0 [ 42.213227][ T164] PKRU: 55555554 [ 42.213366][ T164] Call Trace: [ 42.213483][ T164] <TASK> [ 42.213565][ T164] __fbnic_pm_attach.isra.0+0x8e/0xa0 [ 42.213725][ T164] pci_reset_function+0x116/0x1d0 [ 42.213895][ T164] reset_store+0xa0/0x100 [ 42.214025][ T164] ? pci_dev_reset_attr_is_visible+0x50/0x50 [ 42.214221][ T164] ? sysfs_file_kobj+0xc1/0x1e0 [ 42.214374][ T164] ? sysfs_kf_write+0x65/0x160 [ 42.214526][ T164] kernfs_fop_write_iter+0x2f8/0x4c0 [ 42.214677][ T164] ? kernfs_vma_page_mkwrite+0x1f0/0x1f0 [ 42.214836][ T164] new_sync_write+0x308/0x6f0 [ 42.214987][ T164] ? __lock_acquire+0x34c/0x740 [ 42.215135][ T164] ? new_sync_read+0x6f0/0x6f0 [ 42.215288][ T164] ? lock_acquire.part.0+0xbc/0x260 [ 42.215440][ T164] ? ksys_write+0xff/0x200 [ 42.215590][ T164] ? perf_trace_sched_switch+0x6d0/0x6d0 [ 42.215742][ T164] vfs_write+0x65e/0xbb0 [ 42.215876][ T164] ksys_write+0xff/0x200 [ 42.215994][ T164] ? __ia32_sys_read+0xc0/0xc0 [ 42.216141][ T164] ? do_user_addr_fault+0x269/0x9f0 [ 42.216292][ T164] ? rcu_is_watching+0x15/0xd0 [ 42.216442][ T164] do_syscall_64+0xbb/0x360 [ 42.216591][ T164] entry_SYSCALL_64_after_hwframe+0x4b/0x53 [ 42.216784][ T164] RIP: 0033:0x7f0dc8ea9986 A bit of digging showed that we were invoking the phylink_resume as a part of the fbnic_up path when we were enabling the service task while not holding the RTNL lock. We should be enabling this sooner as a part of the ndo_open path and then just letting the service task come online later. This will help to enforce the correct locking and brings the phylink interface online at the same time as the network interface, instead of at a later time. I tested this on QEMU to verify this was working by putting the system to sleep using "echo mem > /sys/power/state" to put the system to sleep in the guest and then using the command "system_wakeup" in the QEMU monitor.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 69684376eed517817251ea6a768cfc315350d5c1 , < 7aab65c62a8a8b48c02e600fe9367b2af662fcb6 (git)
Affected: 69684376eed517817251ea6a768cfc315350d5c1 , < 3ac5f54e47eb348a4bc26e600c63b4d778a22e23 (git)
Affected: 69684376eed517817251ea6a768cfc315350d5c1 , < 6ede14a2c6365e7e5d855643c7c8390b5268c467 (git)
Create a notification for this product.
    Linux Linux Affected: 6.11
Unaffected: 0 , < 6.11 (semver)
Unaffected: 6.12.45 , ≤ 6.12.* (semver)
Unaffected: 6.16.5 , ≤ 6.16.* (semver)
Unaffected: 6.17 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/meta/fbnic/fbnic_netdev.c",
            "drivers/net/ethernet/meta/fbnic/fbnic_pci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7aab65c62a8a8b48c02e600fe9367b2af662fcb6",
              "status": "affected",
              "version": "69684376eed517817251ea6a768cfc315350d5c1",
              "versionType": "git"
            },
            {
              "lessThan": "3ac5f54e47eb348a4bc26e600c63b4d778a22e23",
              "status": "affected",
              "version": "69684376eed517817251ea6a768cfc315350d5c1",
              "versionType": "git"
            },
            {
              "lessThan": "6ede14a2c6365e7e5d855643c7c8390b5268c467",
              "status": "affected",
              "version": "69684376eed517817251ea6a768cfc315350d5c1",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/meta/fbnic/fbnic_netdev.c",
            "drivers/net/ethernet/meta/fbnic/fbnic_pci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.11"
            },
            {
              "lessThan": "6.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.45",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.16.*",
              "status": "unaffected",
              "version": "6.16.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.45",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16.5",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17",
                  "versionStartIncluding": "6.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbnic: Move phylink resume out of service_task and into open/close\n\nThe fbnic driver was presenting with the following locking assert coming\nout of a PM resume:\n[   42.208116][  T164] RTNL: assertion failed at drivers/net/phy/phylink.c (2611)\n[   42.208492][  T164] WARNING: CPU: 1 PID: 164 at drivers/net/phy/phylink.c:2611 phylink_resume+0x190/0x1e0\n[   42.208872][  T164] Modules linked in:\n[   42.209140][  T164] CPU: 1 UID: 0 PID: 164 Comm: bash Not tainted 6.17.0-rc2-virtme #134 PREEMPT(full)\n[   42.209496][  T164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-5.fc42 04/01/2014\n[   42.209861][  T164] RIP: 0010:phylink_resume+0x190/0x1e0\n[   42.210057][  T164] Code: 83 e5 01 0f 85 b0 fe ff ff c6 05 1c cd 3e 02 01 90 ba 33 0a 00 00 48 c7 c6 20 3a 1d a5 48 c7 c7 e0 3e 1d a5 e8 21 b8 90 fe 90 \u003c0f\u003e 0b 90 90 e9 86 fe ff ff e8 42 ea 1f ff e9 e2 fe ff ff 48 89 ef\n[   42.210708][  T164] RSP: 0018:ffffc90000affbd8 EFLAGS: 00010296\n[   42.210983][  T164] RAX: 0000000000000000 RBX: ffff8880078d8400 RCX: 0000000000000000\n[   42.211235][  T164] RDX: 0000000000000000 RSI: 1ffffffff4f10938 RDI: 0000000000000001\n[   42.211466][  T164] RBP: 0000000000000000 R08: ffffffffa2ae79ea R09: fffffbfff4b3eb84\n[   42.211707][  T164] R10: 0000000000000003 R11: 0000000000000000 R12: ffff888007ad8000\n[   42.211997][  T164] R13: 0000000000000002 R14: ffff888006a18800 R15: ffffffffa34c59e0\n[   42.212234][  T164] FS:  00007f0dc8e39740(0000) GS:ffff88808f51f000(0000) knlGS:0000000000000000\n[   42.212505][  T164] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[   42.212704][  T164] CR2: 00007f0dc8e9fe10 CR3: 000000000b56d003 CR4: 0000000000772ef0\n[   42.213227][  T164] PKRU: 55555554\n[   42.213366][  T164] Call Trace:\n[   42.213483][  T164]  \u003cTASK\u003e\n[   42.213565][  T164]  __fbnic_pm_attach.isra.0+0x8e/0xa0\n[   42.213725][  T164]  pci_reset_function+0x116/0x1d0\n[   42.213895][  T164]  reset_store+0xa0/0x100\n[   42.214025][  T164]  ? pci_dev_reset_attr_is_visible+0x50/0x50\n[   42.214221][  T164]  ? sysfs_file_kobj+0xc1/0x1e0\n[   42.214374][  T164]  ? sysfs_kf_write+0x65/0x160\n[   42.214526][  T164]  kernfs_fop_write_iter+0x2f8/0x4c0\n[   42.214677][  T164]  ? kernfs_vma_page_mkwrite+0x1f0/0x1f0\n[   42.214836][  T164]  new_sync_write+0x308/0x6f0\n[   42.214987][  T164]  ? __lock_acquire+0x34c/0x740\n[   42.215135][  T164]  ? new_sync_read+0x6f0/0x6f0\n[   42.215288][  T164]  ? lock_acquire.part.0+0xbc/0x260\n[   42.215440][  T164]  ? ksys_write+0xff/0x200\n[   42.215590][  T164]  ? perf_trace_sched_switch+0x6d0/0x6d0\n[   42.215742][  T164]  vfs_write+0x65e/0xbb0\n[   42.215876][  T164]  ksys_write+0xff/0x200\n[   42.215994][  T164]  ? __ia32_sys_read+0xc0/0xc0\n[   42.216141][  T164]  ? do_user_addr_fault+0x269/0x9f0\n[   42.216292][  T164]  ? rcu_is_watching+0x15/0xd0\n[   42.216442][  T164]  do_syscall_64+0xbb/0x360\n[   42.216591][  T164]  entry_SYSCALL_64_after_hwframe+0x4b/0x53\n[   42.216784][  T164] RIP: 0033:0x7f0dc8ea9986\n\nA bit of digging showed that we were invoking the phylink_resume as a part\nof the fbnic_up path when we were enabling the service task while not\nholding the RTNL lock. We should be enabling this sooner as a part of the\nndo_open path and then just letting the service task come online later.\nThis will help to enforce the correct locking and brings the phylink\ninterface online at the same time as the network interface, instead of at a\nlater time.\n\nI tested this on QEMU to verify this was working by putting the system to\nsleep using \"echo mem \u003e /sys/power/state\" to put the system to sleep in the\nguest and then using the command \"system_wakeup\" in the QEMU monitor."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-29T06:00:34.431Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7aab65c62a8a8b48c02e600fe9367b2af662fcb6"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ac5f54e47eb348a4bc26e600c63b4d778a22e23"
        },
        {
          "url": "https://git.kernel.org/stable/c/6ede14a2c6365e7e5d855643c7c8390b5268c467"
        }
      ],
      "title": "fbnic: Move phylink resume out of service_task and into open/close",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-39831",
    "datePublished": "2025-09-16T13:08:48.841Z",
    "dateReserved": "2025-04-16T07:20:57.140Z",
    "dateUpdated": "2025-09-29T06:00:34.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-39831\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-09-16T14:15:51.320\",\"lastModified\":\"2025-12-02T18:39:28.853\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nfbnic: Move phylink resume out of service_task and into open/close\\n\\nThe fbnic driver was presenting with the following locking assert coming\\nout of a PM resume:\\n[   42.208116][  T164] RTNL: assertion failed at drivers/net/phy/phylink.c (2611)\\n[   42.208492][  T164] WARNING: CPU: 1 PID: 164 at drivers/net/phy/phylink.c:2611 phylink_resume+0x190/0x1e0\\n[   42.208872][  T164] Modules linked in:\\n[   42.209140][  T164] CPU: 1 UID: 0 PID: 164 Comm: bash Not tainted 6.17.0-rc2-virtme #134 PREEMPT(full)\\n[   42.209496][  T164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-5.fc42 04/01/2014\\n[   42.209861][  T164] RIP: 0010:phylink_resume+0x190/0x1e0\\n[   42.210057][  T164] Code: 83 e5 01 0f 85 b0 fe ff ff c6 05 1c cd 3e 02 01 90 ba 33 0a 00 00 48 c7 c6 20 3a 1d a5 48 c7 c7 e0 3e 1d a5 e8 21 b8 90 fe 90 \u003c0f\u003e 0b 90 90 e9 86 fe ff ff e8 42 ea 1f ff e9 e2 fe ff ff 48 89 ef\\n[   42.210708][  T164] RSP: 0018:ffffc90000affbd8 EFLAGS: 00010296\\n[   42.210983][  T164] RAX: 0000000000000000 RBX: ffff8880078d8400 RCX: 0000000000000000\\n[   42.211235][  T164] RDX: 0000000000000000 RSI: 1ffffffff4f10938 RDI: 0000000000000001\\n[   42.211466][  T164] RBP: 0000000000000000 R08: ffffffffa2ae79ea R09: fffffbfff4b3eb84\\n[   42.211707][  T164] R10: 0000000000000003 R11: 0000000000000000 R12: ffff888007ad8000\\n[   42.211997][  T164] R13: 0000000000000002 R14: ffff888006a18800 R15: ffffffffa34c59e0\\n[   42.212234][  T164] FS:  00007f0dc8e39740(0000) GS:ffff88808f51f000(0000) knlGS:0000000000000000\\n[   42.212505][  T164] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n[   42.212704][  T164] CR2: 00007f0dc8e9fe10 CR3: 000000000b56d003 CR4: 0000000000772ef0\\n[   42.213227][  T164] PKRU: 55555554\\n[   42.213366][  T164] Call Trace:\\n[   42.213483][  T164]  \u003cTASK\u003e\\n[   42.213565][  T164]  __fbnic_pm_attach.isra.0+0x8e/0xa0\\n[   42.213725][  T164]  pci_reset_function+0x116/0x1d0\\n[   42.213895][  T164]  reset_store+0xa0/0x100\\n[   42.214025][  T164]  ? pci_dev_reset_attr_is_visible+0x50/0x50\\n[   42.214221][  T164]  ? sysfs_file_kobj+0xc1/0x1e0\\n[   42.214374][  T164]  ? sysfs_kf_write+0x65/0x160\\n[   42.214526][  T164]  kernfs_fop_write_iter+0x2f8/0x4c0\\n[   42.214677][  T164]  ? kernfs_vma_page_mkwrite+0x1f0/0x1f0\\n[   42.214836][  T164]  new_sync_write+0x308/0x6f0\\n[   42.214987][  T164]  ? __lock_acquire+0x34c/0x740\\n[   42.215135][  T164]  ? new_sync_read+0x6f0/0x6f0\\n[   42.215288][  T164]  ? lock_acquire.part.0+0xbc/0x260\\n[   42.215440][  T164]  ? ksys_write+0xff/0x200\\n[   42.215590][  T164]  ? perf_trace_sched_switch+0x6d0/0x6d0\\n[   42.215742][  T164]  vfs_write+0x65e/0xbb0\\n[   42.215876][  T164]  ksys_write+0xff/0x200\\n[   42.215994][  T164]  ? __ia32_sys_read+0xc0/0xc0\\n[   42.216141][  T164]  ? do_user_addr_fault+0x269/0x9f0\\n[   42.216292][  T164]  ? rcu_is_watching+0x15/0xd0\\n[   42.216442][  T164]  do_syscall_64+0xbb/0x360\\n[   42.216591][  T164]  entry_SYSCALL_64_after_hwframe+0x4b/0x53\\n[   42.216784][  T164] RIP: 0033:0x7f0dc8ea9986\\n\\nA bit of digging showed that we were invoking the phylink_resume as a part\\nof the fbnic_up path when we were enabling the service task while not\\nholding the RTNL lock. We should be enabling this sooner as a part of the\\nndo_open path and then just letting the service task come online later.\\nThis will help to enforce the correct locking and brings the phylink\\ninterface online at the same time as the network interface, instead of at a\\nlater time.\\n\\nI tested this on QEMU to verify this was working by putting the system to\\nsleep using \\\"echo mem \u003e /sys/power/state\\\" to put the system to sleep in the\\nguest and then using the command \\\"system_wakeup\\\" in the QEMU monitor.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.11\",\"versionEndExcluding\":\"6.12.45\",\"matchCriteriaId\":\"E85AB024-3CA8-4477-92B3-E99DB29C1EA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.16.5\",\"matchCriteriaId\":\"EB781080-7001-4FA1-B388-517FFEFBC73E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.17:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"327D22EF-390B-454C-BD31-2ED23C998A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.17:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C730CD9A-D969-4A8E-9522-162AAF7C0EE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.17:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"39982C4B-716E-4B2F-8196-FA301F47807D\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3ac5f54e47eb348a4bc26e600c63b4d778a22e23\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6ede14a2c6365e7e5d855643c7c8390b5268c467\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7aab65c62a8a8b48c02e600fe9367b2af662fcb6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.