CVE-2026-23088 (GCVE-0-2026-23088)
Vulnerability from cvelistv5 – Published: 2026-02-04 16:08 – Updated: 2026-02-04 16:08
VLAI?
Title
tracing: Fix crash on synthetic stacktrace field usage
Summary
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix crash on synthetic stacktrace field usage
When creating a synthetic event based on an existing synthetic event that
had a stacktrace field and the new synthetic event used that field a
kernel crash occurred:
~# cd /sys/kernel/tracing
~# echo 's:stack unsigned long stack[];' > dynamic_events
~# echo 'hist:keys=prev_pid:s0=common_stacktrace if prev_state & 3' >> events/sched/sched_switch/trigger
~# echo 'hist:keys=next_pid:s1=$s0:onmatch(sched.sched_switch).trace(stack,$s1)' >> events/sched/sched_switch/trigger
The above creates a synthetic event that takes a stacktrace when a task
schedules out in a non-running state and passes that stacktrace to the
sched_switch event when that task schedules back in. It triggers the
"stack" synthetic event that has a stacktrace as its field (called "stack").
~# echo 's:syscall_stack s64 id; unsigned long stack[];' >> dynamic_events
~# echo 'hist:keys=common_pid:s2=stack' >> events/synthetic/stack/trigger
~# echo 'hist:keys=common_pid:s3=$s2,i0=id:onmatch(synthetic.stack).trace(syscall_stack,$i0,$s3)' >> events/raw_syscalls/sys_exit/trigger
The above makes another synthetic event called "syscall_stack" that
attaches the first synthetic event (stack) to the sys_exit trace event and
records the stacktrace from the stack event with the id of the system call
that is exiting.
When enabling this event (or using it in a historgram):
~# echo 1 > events/synthetic/syscall_stack/enable
Produces a kernel crash!
BUG: unable to handle page fault for address: 0000000000400010
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: Oops: 0000 [#1] SMP PTI
CPU: 6 UID: 0 PID: 1257 Comm: bash Not tainted 6.16.3+deb14-amd64 #1 PREEMPT(lazy) Debian 6.16.3-1
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-debian-1.17.0-1 04/01/2014
RIP: 0010:trace_event_raw_event_synth+0x90/0x380
Code: c5 00 00 00 00 85 d2 0f 84 e1 00 00 00 31 db eb 34 0f 1f 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 <49> 8b 04 24 48 83 c3 01 8d 0c c5 08 00 00 00 01 cd 41 3b 5d 40 0f
RSP: 0018:ffffd2670388f958 EFLAGS: 00010202
RAX: ffff8ba1065cc100 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000001 RSI: fffff266ffda7b90 RDI: ffffd2670388f9b0
RBP: 0000000000000010 R08: ffff8ba104e76000 R09: ffffd2670388fa50
R10: ffff8ba102dd42e0 R11: ffffffff9a908970 R12: 0000000000400010
R13: ffff8ba10a246400 R14: ffff8ba10a710220 R15: fffff266ffda7b90
FS: 00007fa3bc63f740(0000) GS:ffff8ba2e0f48000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000400010 CR3: 0000000107f9e003 CR4: 0000000000172ef0
Call Trace:
<TASK>
? __tracing_map_insert+0x208/0x3a0
action_trace+0x67/0x70
event_hist_trigger+0x633/0x6d0
event_triggers_call+0x82/0x130
trace_event_buffer_commit+0x19d/0x250
trace_event_raw_event_sys_exit+0x62/0xb0
syscall_exit_work+0x9d/0x140
do_syscall_64+0x20a/0x2f0
? trace_event_raw_event_sched_switch+0x12b/0x170
? save_fpregs_to_fpstate+0x3e/0x90
? _raw_spin_unlock+0xe/0x30
? finish_task_switch.isra.0+0x97/0x2c0
? __rseq_handle_notify_resume+0xad/0x4c0
? __schedule+0x4b8/0xd00
? restore_fpregs_from_fpstate+0x3c/0x90
? switch_fpu_return+0x5b/0xe0
? do_syscall_64+0x1ef/0x2f0
? do_fault+0x2e9/0x540
? __handle_mm_fault+0x7d1/0xf70
? count_memcg_events+0x167/0x1d0
? handle_mm_fault+0x1d7/0x2e0
? do_user_addr_fault+0x2c3/0x7f0
entry_SYSCALL_64_after_hwframe+0x76/0x7e
The reason is that the stacktrace field is not labeled as such, and is
treated as a normal field and not as a dynamic event that it is.
In trace_event_raw_event_synth() the event is field is still treated as a
dynamic array, but the retrieval of the data is considered a normal field,
and the reference is just the meta data:
// Meta data is retrieved instead of a dynamic array
---truncated---
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Affected:
00cf3d672a9dd409418647e9f98784c339c3ff63 , < 98ecbfb2598c9c7ca755a29f402da9d36c057077
(git)
Affected: 00cf3d672a9dd409418647e9f98784c339c3ff63 , < 327af07dff6ab5650b21491eb4f69694999ff3d1 (git) Affected: 00cf3d672a9dd409418647e9f98784c339c3ff63 , < 3b90d099efa2b67239bd3b3dc3521ec584261748 (git) Affected: 00cf3d672a9dd409418647e9f98784c339c3ff63 , < 90f9f5d64cae4e72defd96a2a22760173cb3c9ec (git) Affected: b9453380c1c542fd095a4dbe9251eeba4022bbce (git) Affected: 5f52389bdd9eafb63b3a2f804e02aeb17b6a5f55 (git) Affected: f3baa42afeea0d5f04ad31525e861199d02210cc (git) |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/trace/trace_events_hist.c",
"kernel/trace/trace_events_synth.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "98ecbfb2598c9c7ca755a29f402da9d36c057077",
"status": "affected",
"version": "00cf3d672a9dd409418647e9f98784c339c3ff63",
"versionType": "git"
},
{
"lessThan": "327af07dff6ab5650b21491eb4f69694999ff3d1",
"status": "affected",
"version": "00cf3d672a9dd409418647e9f98784c339c3ff63",
"versionType": "git"
},
{
"lessThan": "3b90d099efa2b67239bd3b3dc3521ec584261748",
"status": "affected",
"version": "00cf3d672a9dd409418647e9f98784c339c3ff63",
"versionType": "git"
},
{
"lessThan": "90f9f5d64cae4e72defd96a2a22760173cb3c9ec",
"status": "affected",
"version": "00cf3d672a9dd409418647e9f98784c339c3ff63",
"versionType": "git"
},
{
"status": "affected",
"version": "b9453380c1c542fd095a4dbe9251eeba4022bbce",
"versionType": "git"
},
{
"status": "affected",
"version": "5f52389bdd9eafb63b3a2f804e02aeb17b6a5f55",
"versionType": "git"
},
{
"status": "affected",
"version": "f3baa42afeea0d5f04ad31525e861199d02210cc",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/trace/trace_events_hist.c",
"kernel/trace/trace_events_synth.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.122",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.68",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.19-rc7",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.122",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.68",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.8",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19-rc7",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix crash on synthetic stacktrace field usage\n\nWhen creating a synthetic event based on an existing synthetic event that\nhad a stacktrace field and the new synthetic event used that field a\nkernel crash occurred:\n\n ~# cd /sys/kernel/tracing\n ~# echo \u0027s:stack unsigned long stack[];\u0027 \u003e dynamic_events\n ~# echo \u0027hist:keys=prev_pid:s0=common_stacktrace if prev_state \u0026 3\u0027 \u003e\u003e events/sched/sched_switch/trigger\n ~# echo \u0027hist:keys=next_pid:s1=$s0:onmatch(sched.sched_switch).trace(stack,$s1)\u0027 \u003e\u003e events/sched/sched_switch/trigger\n\nThe above creates a synthetic event that takes a stacktrace when a task\nschedules out in a non-running state and passes that stacktrace to the\nsched_switch event when that task schedules back in. It triggers the\n\"stack\" synthetic event that has a stacktrace as its field (called \"stack\").\n\n ~# echo \u0027s:syscall_stack s64 id; unsigned long stack[];\u0027 \u003e\u003e dynamic_events\n ~# echo \u0027hist:keys=common_pid:s2=stack\u0027 \u003e\u003e events/synthetic/stack/trigger\n ~# echo \u0027hist:keys=common_pid:s3=$s2,i0=id:onmatch(synthetic.stack).trace(syscall_stack,$i0,$s3)\u0027 \u003e\u003e events/raw_syscalls/sys_exit/trigger\n\nThe above makes another synthetic event called \"syscall_stack\" that\nattaches the first synthetic event (stack) to the sys_exit trace event and\nrecords the stacktrace from the stack event with the id of the system call\nthat is exiting.\n\nWhen enabling this event (or using it in a historgram):\n\n ~# echo 1 \u003e events/synthetic/syscall_stack/enable\n\nProduces a kernel crash!\n\n BUG: unable to handle page fault for address: 0000000000400010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP PTI\n CPU: 6 UID: 0 PID: 1257 Comm: bash Not tainted 6.16.3+deb14-amd64 #1 PREEMPT(lazy) Debian 6.16.3-1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-debian-1.17.0-1 04/01/2014\n RIP: 0010:trace_event_raw_event_synth+0x90/0x380\n Code: c5 00 00 00 00 85 d2 0f 84 e1 00 00 00 31 db eb 34 0f 1f 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 \u003c49\u003e 8b 04 24 48 83 c3 01 8d 0c c5 08 00 00 00 01 cd 41 3b 5d 40 0f\n RSP: 0018:ffffd2670388f958 EFLAGS: 00010202\n RAX: ffff8ba1065cc100 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: fffff266ffda7b90 RDI: ffffd2670388f9b0\n RBP: 0000000000000010 R08: ffff8ba104e76000 R09: ffffd2670388fa50\n R10: ffff8ba102dd42e0 R11: ffffffff9a908970 R12: 0000000000400010\n R13: ffff8ba10a246400 R14: ffff8ba10a710220 R15: fffff266ffda7b90\n FS: 00007fa3bc63f740(0000) GS:ffff8ba2e0f48000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000400010 CR3: 0000000107f9e003 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ? __tracing_map_insert+0x208/0x3a0\n action_trace+0x67/0x70\n event_hist_trigger+0x633/0x6d0\n event_triggers_call+0x82/0x130\n trace_event_buffer_commit+0x19d/0x250\n trace_event_raw_event_sys_exit+0x62/0xb0\n syscall_exit_work+0x9d/0x140\n do_syscall_64+0x20a/0x2f0\n ? trace_event_raw_event_sched_switch+0x12b/0x170\n ? save_fpregs_to_fpstate+0x3e/0x90\n ? _raw_spin_unlock+0xe/0x30\n ? finish_task_switch.isra.0+0x97/0x2c0\n ? __rseq_handle_notify_resume+0xad/0x4c0\n ? __schedule+0x4b8/0xd00\n ? restore_fpregs_from_fpstate+0x3c/0x90\n ? switch_fpu_return+0x5b/0xe0\n ? do_syscall_64+0x1ef/0x2f0\n ? do_fault+0x2e9/0x540\n ? __handle_mm_fault+0x7d1/0xf70\n ? count_memcg_events+0x167/0x1d0\n ? handle_mm_fault+0x1d7/0x2e0\n ? do_user_addr_fault+0x2c3/0x7f0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe reason is that the stacktrace field is not labeled as such, and is\ntreated as a normal field and not as a dynamic event that it is.\n\nIn trace_event_raw_event_synth() the event is field is still treated as a\ndynamic array, but the retrieval of the data is considered a normal field,\nand the reference is just the meta data:\n\n// Meta data is retrieved instead of a dynamic array\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:08:11.717Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/98ecbfb2598c9c7ca755a29f402da9d36c057077"
},
{
"url": "https://git.kernel.org/stable/c/327af07dff6ab5650b21491eb4f69694999ff3d1"
},
{
"url": "https://git.kernel.org/stable/c/3b90d099efa2b67239bd3b3dc3521ec584261748"
},
{
"url": "https://git.kernel.org/stable/c/90f9f5d64cae4e72defd96a2a22760173cb3c9ec"
}
],
"title": "tracing: Fix crash on synthetic stacktrace field usage",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-23088",
"datePublished": "2026-02-04T16:08:11.717Z",
"dateReserved": "2026-01-13T15:37:45.961Z",
"dateUpdated": "2026-02-04T16:08:11.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-23088\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-02-04T17:16:19.673\",\"lastModified\":\"2026-02-05T14:57:20.563\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntracing: Fix crash on synthetic stacktrace field usage\\n\\nWhen creating a synthetic event based on an existing synthetic event that\\nhad a stacktrace field and the new synthetic event used that field a\\nkernel crash occurred:\\n\\n ~# cd /sys/kernel/tracing\\n ~# echo \u0027s:stack unsigned long stack[];\u0027 \u003e dynamic_events\\n ~# echo \u0027hist:keys=prev_pid:s0=common_stacktrace if prev_state \u0026 3\u0027 \u003e\u003e events/sched/sched_switch/trigger\\n ~# echo \u0027hist:keys=next_pid:s1=$s0:onmatch(sched.sched_switch).trace(stack,$s1)\u0027 \u003e\u003e events/sched/sched_switch/trigger\\n\\nThe above creates a synthetic event that takes a stacktrace when a task\\nschedules out in a non-running state and passes that stacktrace to the\\nsched_switch event when that task schedules back in. It triggers the\\n\\\"stack\\\" synthetic event that has a stacktrace as its field (called \\\"stack\\\").\\n\\n ~# echo \u0027s:syscall_stack s64 id; unsigned long stack[];\u0027 \u003e\u003e dynamic_events\\n ~# echo \u0027hist:keys=common_pid:s2=stack\u0027 \u003e\u003e events/synthetic/stack/trigger\\n ~# echo \u0027hist:keys=common_pid:s3=$s2,i0=id:onmatch(synthetic.stack).trace(syscall_stack,$i0,$s3)\u0027 \u003e\u003e events/raw_syscalls/sys_exit/trigger\\n\\nThe above makes another synthetic event called \\\"syscall_stack\\\" that\\nattaches the first synthetic event (stack) to the sys_exit trace event and\\nrecords the stacktrace from the stack event with the id of the system call\\nthat is exiting.\\n\\nWhen enabling this event (or using it in a historgram):\\n\\n ~# echo 1 \u003e events/synthetic/syscall_stack/enable\\n\\nProduces a kernel crash!\\n\\n BUG: unable to handle page fault for address: 0000000000400010\\n #PF: supervisor read access in kernel mode\\n #PF: error_code(0x0000) - not-present page\\n PGD 0 P4D 0\\n Oops: Oops: 0000 [#1] SMP PTI\\n CPU: 6 UID: 0 PID: 1257 Comm: bash Not tainted 6.16.3+deb14-amd64 #1 PREEMPT(lazy) Debian 6.16.3-1\\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-debian-1.17.0-1 04/01/2014\\n RIP: 0010:trace_event_raw_event_synth+0x90/0x380\\n Code: c5 00 00 00 00 85 d2 0f 84 e1 00 00 00 31 db eb 34 0f 1f 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 \u003c49\u003e 8b 04 24 48 83 c3 01 8d 0c c5 08 00 00 00 01 cd 41 3b 5d 40 0f\\n RSP: 0018:ffffd2670388f958 EFLAGS: 00010202\\n RAX: ffff8ba1065cc100 RBX: 0000000000000000 RCX: 0000000000000000\\n RDX: 0000000000000001 RSI: fffff266ffda7b90 RDI: ffffd2670388f9b0\\n RBP: 0000000000000010 R08: ffff8ba104e76000 R09: ffffd2670388fa50\\n R10: ffff8ba102dd42e0 R11: ffffffff9a908970 R12: 0000000000400010\\n R13: ffff8ba10a246400 R14: ffff8ba10a710220 R15: fffff266ffda7b90\\n FS: 00007fa3bc63f740(0000) GS:ffff8ba2e0f48000(0000) knlGS:0000000000000000\\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n CR2: 0000000000400010 CR3: 0000000107f9e003 CR4: 0000000000172ef0\\n Call Trace:\\n \u003cTASK\u003e\\n ? __tracing_map_insert+0x208/0x3a0\\n action_trace+0x67/0x70\\n event_hist_trigger+0x633/0x6d0\\n event_triggers_call+0x82/0x130\\n trace_event_buffer_commit+0x19d/0x250\\n trace_event_raw_event_sys_exit+0x62/0xb0\\n syscall_exit_work+0x9d/0x140\\n do_syscall_64+0x20a/0x2f0\\n ? trace_event_raw_event_sched_switch+0x12b/0x170\\n ? save_fpregs_to_fpstate+0x3e/0x90\\n ? _raw_spin_unlock+0xe/0x30\\n ? finish_task_switch.isra.0+0x97/0x2c0\\n ? __rseq_handle_notify_resume+0xad/0x4c0\\n ? __schedule+0x4b8/0xd00\\n ? restore_fpregs_from_fpstate+0x3c/0x90\\n ? switch_fpu_return+0x5b/0xe0\\n ? do_syscall_64+0x1ef/0x2f0\\n ? do_fault+0x2e9/0x540\\n ? __handle_mm_fault+0x7d1/0xf70\\n ? count_memcg_events+0x167/0x1d0\\n ? handle_mm_fault+0x1d7/0x2e0\\n ? do_user_addr_fault+0x2c3/0x7f0\\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\\n\\nThe reason is that the stacktrace field is not labeled as such, and is\\ntreated as a normal field and not as a dynamic event that it is.\\n\\nIn trace_event_raw_event_synth() the event is field is still treated as a\\ndynamic array, but the retrieval of the data is considered a normal field,\\nand the reference is just the meta data:\\n\\n// Meta data is retrieved instead of a dynamic array\\n---truncated---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/327af07dff6ab5650b21491eb4f69694999ff3d1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3b90d099efa2b67239bd3b3dc3521ec584261748\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/90f9f5d64cae4e72defd96a2a22760173cb3c9ec\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/98ecbfb2598c9c7ca755a29f402da9d36c057077\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…