Vulnerability-Lookup

GHSA-CMHX-Q3FP-JHF6

Vulnerability from github – Published: 2026-06-25 09:31 – Updated: 2026-06-25 09:31

Details

In the Linux kernel, the following vulnerability has been resolved:

tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req().

syzbot reported a weird reqsk->rsk_refcnt underflow in __inet_csk_reqsk_queue_drop().

The captured reqsk_put() in __inet_csk_reqsk_queue_drop() is called only when it successfully removes reqsk from ehash.

Moreover, reqsk_timer_handler() calls another reqsk_put() after that.

This indicates that the reqsk was missing both refcnts for ehash and the timer itself.

Since all the syzbot reports had PREEMPT_RT enabled, the only possible scenario is that reqsk_queue_hash_req() is preempted after mod_timer() and before refcount_set(), and then the timer triggered after 1s aborts the reqsk due to its listener's close().

Let's wrap mod_timer() and refcount_set() with preempt_disable_nested() and preempt_enable_nested().

Note that inet_ehash_insert() holds the normal spin_lock() (mutex in PREEMPT_RT), so it must be called outside of preempt_disable_nested(), but this is fine.

The lookup path just ignores 0 sk_refcnt entries in ehash and tries to create another reqsk, but this will fail at inet_ehash_insert().

[0]: refcount_t: underflow; use-after-free. WARNING: lib/refcount.c:28 at refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28, CPU#0: ktimers/0/16 Modules linked in: CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} Tainted: [L]=SOFTLOCKUP Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 RIP: 0010:refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28 Code: e4 7d d1 0a 67 48 0f b9 3a eb 4a e8 38 3d 23 fd 48 8d 3d e1 7d d1 0a 67 48 0f b9 3a eb 37 e8 25 3d 23 fd 48 8d 3d de 7d d1 0a <67> 48 0f b9 3a eb 24 e8 12 3d 23 fd 48 8d 3d db 7d d1 0a 67 48 0f RSP: 0000:ffffc90000157948 EFLAGS: 00010246 RAX: ffffffff84a1301b RBX: 0000000000000003 RCX: ffff88801ca98000 RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffff8f72ae00 RBP: ffffffff99ae3b01 R08: ffff88801ca98000 R09: 0000000000000005 R10: 0000000000000100 R11: 0000000000000004 R12: ffff8880425ef568 R13: ffff8880425ef4f8 R14: ffff8880425ef578 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff888126386000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f7b46710e9c CR3: 000000000dbb6000 CR4: 00000000003526f0 Call Trace: __refcount_sub_and_test include/linux/refcount.h:400 [inline] __refcount_dec_and_test include/linux/refcount.h:432 [inline] refcount_dec_and_test include/linux/refcount.h:450 [inline] reqsk_put include/net/request_sock.h:136 [inline] __inet_csk_reqsk_queue_drop+0x3ce/0x440 net/ipv4/inet_connection_sock.c:1007 reqsk_timer_handler+0x651/0xdf0 net/ipv4/inet_connection_sock.c:1137 call_timer_fn+0x192/0x5e0 kernel/time/timer.c:1748 expire_timers kernel/time/timer.c:1799 [inline] __run_timers kernel/time/timer.c:2374 [inline] __run_timer_base+0x6a3/0x9f0 kernel/time/timer.c:2386 run_timer_base kernel/time/timer.c:2395 [inline] run_timer_softirq+0x67/0x170 kernel/time/timer.c:2403 handle_softirqs+0x1de/0x6d0 kernel/softirq.c:622 __do_softirq kernel/softirq.c:656 [inline] run_ktimerd+0x69/0x100 kernel/softirq.c:1151 smpboot_thread_fn+0x541/0xa50 kernel/smpboot.c:160 kthread+0x388/0x470 kernel/kthread.c:436 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-53260"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-25T09:16:43Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req().\n\nsyzbot reported a weird reqsk-\u003ersk_refcnt underflow in\n__inet_csk_reqsk_queue_drop().\n\nThe captured reqsk_put() in __inet_csk_reqsk_queue_drop()\nis called only when it successfully removes reqsk from ehash.\n\nMoreover, reqsk_timer_handler() calls another reqsk_put()\nafter that.\n\nThis indicates that the reqsk was missing both refcnts for\nehash and the timer itself.\n\nSince all the syzbot reports had PREEMPT_RT enabled, the only\npossible scenario is that reqsk_queue_hash_req() is preempted\nafter mod_timer() and before refcount_set(), and then the timer\ntriggered after 1s aborts the reqsk due to its listener\u0027s close().\n\nLet\u0027s wrap mod_timer() and refcount_set() with\npreempt_disable_nested() and preempt_enable_nested().\n\nNote that inet_ehash_insert() holds the normal spin_lock()\n(mutex in PREEMPT_RT), so it must be called outside of\npreempt_disable_nested(), but this is fine.\n\nThe lookup path just ignores 0 sk_refcnt entries in ehash\nand tries to create another reqsk, but this will fail at\ninet_ehash_insert().\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: lib/refcount.c:28 at refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28, CPU#0: ktimers/0/16\nModules linked in:\nCPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026\nRIP: 0010:refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28\nCode: e4 7d d1 0a 67 48 0f b9 3a eb 4a e8 38 3d 23 fd 48 8d 3d e1 7d d1 0a 67 48 0f b9 3a eb 37 e8 25 3d 23 fd 48 8d 3d de 7d d1 0a \u003c67\u003e 48 0f b9 3a eb 24 e8 12 3d 23 fd 48 8d 3d db 7d d1 0a 67 48 0f\nRSP: 0000:ffffc90000157948 EFLAGS: 00010246\nRAX: ffffffff84a1301b RBX: 0000000000000003 RCX: ffff88801ca98000\nRDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffff8f72ae00\nRBP: ffffffff99ae3b01 R08: ffff88801ca98000 R09: 0000000000000005\nR10: 0000000000000100 R11: 0000000000000004 R12: ffff8880425ef568\nR13: ffff8880425ef4f8 R14: ffff8880425ef578 R15: 0000000000000000\nFS:  0000000000000000(0000) GS:ffff888126386000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7b46710e9c CR3: 000000000dbb6000 CR4: 00000000003526f0\nCall Trace:\n \u003cTASK\u003e\n __refcount_sub_and_test include/linux/refcount.h:400 [inline]\n __refcount_dec_and_test include/linux/refcount.h:432 [inline]\n refcount_dec_and_test include/linux/refcount.h:450 [inline]\n reqsk_put include/net/request_sock.h:136 [inline]\n __inet_csk_reqsk_queue_drop+0x3ce/0x440 net/ipv4/inet_connection_sock.c:1007\n reqsk_timer_handler+0x651/0xdf0 net/ipv4/inet_connection_sock.c:1137\n call_timer_fn+0x192/0x5e0 kernel/time/timer.c:1748\n expire_timers kernel/time/timer.c:1799 [inline]\n __run_timers kernel/time/timer.c:2374 [inline]\n __run_timer_base+0x6a3/0x9f0 kernel/time/timer.c:2386\n run_timer_base kernel/time/timer.c:2395 [inline]\n run_timer_softirq+0x67/0x170 kernel/time/timer.c:2403\n handle_softirqs+0x1de/0x6d0 kernel/softirq.c:622\n __do_softirq kernel/softirq.c:656 [inline]\n run_ktimerd+0x69/0x100 kernel/softirq.c:1151\n smpboot_thread_fn+0x541/0xa50 kernel/smpboot.c:160\n kthread+0x388/0x470 kernel/kthread.c:436\n ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e",
  "id": "GHSA-cmhx-q3fp-jhf6",
  "modified": "2026-06-25T09:31:22Z",
  "published": "2026-06-25T09:31:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53260"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b183215ff714efb747d9d5a429322ba6404b5401"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e10902df24488ca722303133acfc82490f7d59ad"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2026-53260 (GCVE-0-2026-53260)

Vulnerability from cvelistv5 – Published: 2026-06-25 08:39 – Updated: 2026-06-25 08:39

Title

tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req().

Summary

In the Linux kernel, the following vulnerability has been resolved: tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req(). syzbot reported a weird reqsk->rsk_refcnt underflow in __inet_csk_reqsk_queue_drop(). The captured reqsk_put() in __inet_csk_reqsk_queue_drop() is called only when it successfully removes reqsk from ehash. Moreover, reqsk_timer_handler() calls another reqsk_put() after that. This indicates that the reqsk was missing both refcnts for ehash and the timer itself. Since all the syzbot reports had PREEMPT_RT enabled, the only possible scenario is that reqsk_queue_hash_req() is preempted after mod_timer() and before refcount_set(), and then the timer triggered after 1s aborts the reqsk due to its listener's close(). Let's wrap mod_timer() and refcount_set() with preempt_disable_nested() and preempt_enable_nested(). Note that inet_ehash_insert() holds the normal spin_lock() (mutex in PREEMPT_RT), so it must be called outside of preempt_disable_nested(), but this is fine. The lookup path just ignores 0 sk_refcnt entries in ehash and tries to create another reqsk, but this will fail at inet_ehash_insert(). [0]: refcount_t: underflow; use-after-free. WARNING: lib/refcount.c:28 at refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28, CPU#0: ktimers/0/16 Modules linked in: CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} Tainted: [L]=SOFTLOCKUP Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 RIP: 0010:refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28 Code: e4 7d d1 0a 67 48 0f b9 3a eb 4a e8 38 3d 23 fd 48 8d 3d e1 7d d1 0a 67 48 0f b9 3a eb 37 e8 25 3d 23 fd 48 8d 3d de 7d d1 0a <67> 48 0f b9 3a eb 24 e8 12 3d 23 fd 48 8d 3d db 7d d1 0a 67 48 0f RSP: 0000:ffffc90000157948 EFLAGS: 00010246 RAX: ffffffff84a1301b RBX: 0000000000000003 RCX: ffff88801ca98000 RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffff8f72ae00 RBP: ffffffff99ae3b01 R08: ffff88801ca98000 R09: 0000000000000005 R10: 0000000000000100 R11: 0000000000000004 R12: ffff8880425ef568 R13: ffff8880425ef4f8 R14: ffff8880425ef578 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff888126386000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f7b46710e9c CR3: 000000000dbb6000 CR4: 00000000003526f0 Call Trace: <TASK> __refcount_sub_and_test include/linux/refcount.h:400 [inline] __refcount_dec_and_test include/linux/refcount.h:432 [inline] refcount_dec_and_test include/linux/refcount.h:450 [inline] reqsk_put include/net/request_sock.h:136 [inline] __inet_csk_reqsk_queue_drop+0x3ce/0x440 net/ipv4/inet_connection_sock.c:1007 reqsk_timer_handler+0x651/0xdf0 net/ipv4/inet_connection_sock.c:1137 call_timer_fn+0x192/0x5e0 kernel/time/timer.c:1748 expire_timers kernel/time/timer.c:1799 [inline] __run_timers kernel/time/timer.c:2374 [inline] __run_timer_base+0x6a3/0x9f0 kernel/time/timer.c:2386 run_timer_base kernel/time/timer.c:2395 [inline] run_timer_softirq+0x67/0x170 kernel/time/timer.c:2403 handle_softirqs+0x1de/0x6d0 kernel/softirq.c:622 __do_softirq kernel/softirq.c:656 [inline] run_ktimerd+0x69/0x100 kernel/softirq.c:1151 smpboot_thread_fn+0x541/0xa50 kernel/smpboot.c:160 kthread+0x388/0x470 kernel/kthread.c:436 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK>

Severity

No CVSS data available.

Assigner

Linux

References

2 references

URL	Tags
https://git.kernel.org/stable/c/b183215ff714efb74…
https://git.kernel.org/stable/c/e10902df24488ca72…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: d2d6422f8bd17c6bb205133e290625a564194496 , < b183215ff714efb747d9d5a429322ba6404b5401 (git) Affected: d2d6422f8bd17c6bb205133e290625a564194496 , < e10902df24488ca722303133acfc82490f7d59ad (git)
Linux	Linux	Affected: 6.12 Unaffected: 0 , < 6.12 (semver) Unaffected: 7.0.13 , ≤ 7.0.* (semver) Unaffected: 7.1 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/inet_connection_sock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b183215ff714efb747d9d5a429322ba6404b5401",
              "status": "affected",
              "version": "d2d6422f8bd17c6bb205133e290625a564194496",
              "versionType": "git"
            },
            {
              "lessThan": "e10902df24488ca722303133acfc82490f7d59ad",
              "status": "affected",
              "version": "d2d6422f8bd17c6bb205133e290625a564194496",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv4/inet_connection_sock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.12"
            },
            {
              "lessThan": "6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "unaffected",
              "version": "7.0.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.13",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1",
                  "versionStartIncluding": "6.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req().\n\nsyzbot reported a weird reqsk-\u003ersk_refcnt underflow in\n__inet_csk_reqsk_queue_drop().\n\nThe captured reqsk_put() in __inet_csk_reqsk_queue_drop()\nis called only when it successfully removes reqsk from ehash.\n\nMoreover, reqsk_timer_handler() calls another reqsk_put()\nafter that.\n\nThis indicates that the reqsk was missing both refcnts for\nehash and the timer itself.\n\nSince all the syzbot reports had PREEMPT_RT enabled, the only\npossible scenario is that reqsk_queue_hash_req() is preempted\nafter mod_timer() and before refcount_set(), and then the timer\ntriggered after 1s aborts the reqsk due to its listener\u0027s close().\n\nLet\u0027s wrap mod_timer() and refcount_set() with\npreempt_disable_nested() and preempt_enable_nested().\n\nNote that inet_ehash_insert() holds the normal spin_lock()\n(mutex in PREEMPT_RT), so it must be called outside of\npreempt_disable_nested(), but this is fine.\n\nThe lookup path just ignores 0 sk_refcnt entries in ehash\nand tries to create another reqsk, but this will fail at\ninet_ehash_insert().\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: lib/refcount.c:28 at refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28, CPU#0: ktimers/0/16\nModules linked in:\nCPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026\nRIP: 0010:refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28\nCode: e4 7d d1 0a 67 48 0f b9 3a eb 4a e8 38 3d 23 fd 48 8d 3d e1 7d d1 0a 67 48 0f b9 3a eb 37 e8 25 3d 23 fd 48 8d 3d de 7d d1 0a \u003c67\u003e 48 0f b9 3a eb 24 e8 12 3d 23 fd 48 8d 3d db 7d d1 0a 67 48 0f\nRSP: 0000:ffffc90000157948 EFLAGS: 00010246\nRAX: ffffffff84a1301b RBX: 0000000000000003 RCX: ffff88801ca98000\nRDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffff8f72ae00\nRBP: ffffffff99ae3b01 R08: ffff88801ca98000 R09: 0000000000000005\nR10: 0000000000000100 R11: 0000000000000004 R12: ffff8880425ef568\nR13: ffff8880425ef4f8 R14: ffff8880425ef578 R15: 0000000000000000\nFS:  0000000000000000(0000) GS:ffff888126386000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7b46710e9c CR3: 000000000dbb6000 CR4: 00000000003526f0\nCall Trace:\n \u003cTASK\u003e\n __refcount_sub_and_test include/linux/refcount.h:400 [inline]\n __refcount_dec_and_test include/linux/refcount.h:432 [inline]\n refcount_dec_and_test include/linux/refcount.h:450 [inline]\n reqsk_put include/net/request_sock.h:136 [inline]\n __inet_csk_reqsk_queue_drop+0x3ce/0x440 net/ipv4/inet_connection_sock.c:1007\n reqsk_timer_handler+0x651/0xdf0 net/ipv4/inet_connection_sock.c:1137\n call_timer_fn+0x192/0x5e0 kernel/time/timer.c:1748\n expire_timers kernel/time/timer.c:1799 [inline]\n __run_timers kernel/time/timer.c:2374 [inline]\n __run_timer_base+0x6a3/0x9f0 kernel/time/timer.c:2386\n run_timer_base kernel/time/timer.c:2395 [inline]\n run_timer_softirq+0x67/0x170 kernel/time/timer.c:2403\n handle_softirqs+0x1de/0x6d0 kernel/softirq.c:622\n __do_softirq kernel/softirq.c:656 [inline]\n run_ktimerd+0x69/0x100 kernel/softirq.c:1151\n smpboot_thread_fn+0x541/0xa50 kernel/smpboot.c:160\n kthread+0x388/0x470 kernel/kthread.c:436\n ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-25T08:39:49.229Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b183215ff714efb747d9d5a429322ba6404b5401"
        },
        {
          "url": "https://git.kernel.org/stable/c/e10902df24488ca722303133acfc82490f7d59ad"
        }
      ],
      "title": "tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req().",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-53260",
    "datePublished": "2026-06-25T08:39:49.229Z",
    "dateReserved": "2026-06-09T07:44:35.394Z",
    "dateUpdated": "2026-06-25T08:39:49.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-CMHX-Q3FP-JHF6

CVE-2026-53260 (GCVE-0-2026-53260)

Tags

Sightings

Nomenclature