CVE-2024-41097
Vulnerability from cvelistv5
Published
2024-07-29 15:48
Modified
2024-12-19 09:11
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind() Syzbot is still reporting quite an old issue [1] that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting stage which in turn triggers a warning in usb_submit_urb(). Fix the issue by verifying that required endpoint types are present for both in and out endpoints, taking into account cmd endpoint type. Unfortunately, this patch has not been tested on real hardware. [1] Syzbot report: usb 1-1: BOGUS urb xfer, pipe 1 != type 3 WARNING: CPU: 0 PID: 8667 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502 Modules linked in: CPU: 0 PID: 8667 Comm: kworker/0:4 Not tainted 5.14.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: usb_hub_wq hub_event RIP: 0010:usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502 ... Call Trace: cxacru_cm+0x3c0/0x8e0 drivers/usb/atm/cxacru.c:649 cxacru_card_status+0x22/0xd0 drivers/usb/atm/cxacru.c:760 cxacru_bind+0x7ac/0x11a0 drivers/usb/atm/cxacru.c:1209 usbatm_usb_probe+0x321/0x1ae0 drivers/usb/atm/usbatm.c:1055 cxacru_usb_probe+0xdf/0x1e0 drivers/usb/atm/cxacru.c:1363 usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396 call_driver_probe drivers/base/dd.c:517 [inline] really_probe+0x23c/0xcd0 drivers/base/dd.c:595 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427 __device_attach+0x228/0x4a0 drivers/base/dd.c:965 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487 device_add+0xc2f/0x2180 drivers/base/core.c:3354 usb_set_configuration+0x113a/0x1910 drivers/usb/core/message.c:2170 usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238 usb_probe_device+0xd9/0x2c0 drivers/usb/core/driver.c:293
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1aac4be1aaa5177506219f01dce5e29194e5e95aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/23926d316d2836315cb113569f91393266eb5b47Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2eabb655a968b862bc0c31629a09f0fbf3c80d51Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5159a81924311c1ec786ad9fdef784ead8676a6aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5584c776a1af7807ca815ee6265f2c1429fc5727Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/75ddbf776dd04a09fb9e5267ead5d0c989f84506Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ac9007520e392541a29daebaae8b9109007bc781Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f536f09eb45e4de8d1b9accee9d992aa1846f1d4Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1aac4be1aaa5177506219f01dce5e29194e5e95aPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/23926d316d2836315cb113569f91393266eb5b47Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/2eabb655a968b862bc0c31629a09f0fbf3c80d51Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/5159a81924311c1ec786ad9fdef784ead8676a6aPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/5584c776a1af7807ca815ee6265f2c1429fc5727Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/75ddbf776dd04a09fb9e5267ead5d0c989f84506Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/ac9007520e392541a29daebaae8b9109007bc781Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/f536f09eb45e4de8d1b9accee9d992aa1846f1d4Patch
Impacted products
Vendor Product Version
Linux Linux Version: 2.6.36
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:46:52.472Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5159a81924311c1ec786ad9fdef784ead8676a6a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/23926d316d2836315cb113569f91393266eb5b47"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/75ddbf776dd04a09fb9e5267ead5d0c989f84506"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1aac4be1aaa5177506219f01dce5e29194e5e95a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5584c776a1af7807ca815ee6265f2c1429fc5727"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f536f09eb45e4de8d1b9accee9d992aa1846f1d4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ac9007520e392541a29daebaae8b9109007bc781"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2eabb655a968b862bc0c31629a09f0fbf3c80d51"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41097",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:20:18.903942Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:08.858Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/atm/cxacru.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5159a81924311c1ec786ad9fdef784ead8676a6a",
              "status": "affected",
              "version": "902ffc3c707c1d459ea57428a619a807cbe412f9",
              "versionType": "git"
            },
            {
              "lessThan": "23926d316d2836315cb113569f91393266eb5b47",
              "status": "affected",
              "version": "902ffc3c707c1d459ea57428a619a807cbe412f9",
              "versionType": "git"
            },
            {
              "lessThan": "75ddbf776dd04a09fb9e5267ead5d0c989f84506",
              "status": "affected",
              "version": "902ffc3c707c1d459ea57428a619a807cbe412f9",
              "versionType": "git"
            },
            {
              "lessThan": "1aac4be1aaa5177506219f01dce5e29194e5e95a",
              "status": "affected",
              "version": "902ffc3c707c1d459ea57428a619a807cbe412f9",
              "versionType": "git"
            },
            {
              "lessThan": "5584c776a1af7807ca815ee6265f2c1429fc5727",
              "status": "affected",
              "version": "902ffc3c707c1d459ea57428a619a807cbe412f9",
              "versionType": "git"
            },
            {
              "lessThan": "f536f09eb45e4de8d1b9accee9d992aa1846f1d4",
              "status": "affected",
              "version": "902ffc3c707c1d459ea57428a619a807cbe412f9",
              "versionType": "git"
            },
            {
              "lessThan": "ac9007520e392541a29daebaae8b9109007bc781",
              "status": "affected",
              "version": "902ffc3c707c1d459ea57428a619a807cbe412f9",
              "versionType": "git"
            },
            {
              "lessThan": "2eabb655a968b862bc0c31629a09f0fbf3c80d51",
              "status": "affected",
              "version": "902ffc3c707c1d459ea57428a619a807cbe412f9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/usb/atm/cxacru.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.36"
            },
            {
              "lessThan": "2.6.36",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.317",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.279",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.221",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.162",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.97",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.37",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: atm: cxacru: fix endpoint checking in cxacru_bind()\n\nSyzbot is still reporting quite an old issue [1] that occurs due to\nincomplete checking of present usb endpoints. As such, wrong\nendpoints types may be used at urb sumbitting stage which in turn\ntriggers a warning in usb_submit_urb().\n\nFix the issue by verifying that required endpoint types are present\nfor both in and out endpoints, taking into account cmd endpoint type.\n\nUnfortunately, this patch has not been tested on real hardware.\n\n[1] Syzbot report:\nusb 1-1: BOGUS urb xfer, pipe 1 != type 3\nWARNING: CPU: 0 PID: 8667 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\nModules linked in:\nCPU: 0 PID: 8667 Comm: kworker/0:4 Not tainted 5.14.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\n...\nCall Trace:\n cxacru_cm+0x3c0/0x8e0 drivers/usb/atm/cxacru.c:649\n cxacru_card_status+0x22/0xd0 drivers/usb/atm/cxacru.c:760\n cxacru_bind+0x7ac/0x11a0 drivers/usb/atm/cxacru.c:1209\n usbatm_usb_probe+0x321/0x1ae0 drivers/usb/atm/usbatm.c:1055\n cxacru_usb_probe+0xdf/0x1e0 drivers/usb/atm/cxacru.c:1363\n usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396\n call_driver_probe drivers/base/dd.c:517 [inline]\n really_probe+0x23c/0xcd0 drivers/base/dd.c:595\n __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777\n __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894\n bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427\n __device_attach+0x228/0x4a0 drivers/base/dd.c:965\n bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487\n device_add+0xc2f/0x2180 drivers/base/core.c:3354\n usb_set_configuration+0x113a/0x1910 drivers/usb/core/message.c:2170\n usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238\n usb_probe_device+0xd9/0x2c0 drivers/usb/core/driver.c:293"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T09:11:57.520Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5159a81924311c1ec786ad9fdef784ead8676a6a"
        },
        {
          "url": "https://git.kernel.org/stable/c/23926d316d2836315cb113569f91393266eb5b47"
        },
        {
          "url": "https://git.kernel.org/stable/c/75ddbf776dd04a09fb9e5267ead5d0c989f84506"
        },
        {
          "url": "https://git.kernel.org/stable/c/1aac4be1aaa5177506219f01dce5e29194e5e95a"
        },
        {
          "url": "https://git.kernel.org/stable/c/5584c776a1af7807ca815ee6265f2c1429fc5727"
        },
        {
          "url": "https://git.kernel.org/stable/c/f536f09eb45e4de8d1b9accee9d992aa1846f1d4"
        },
        {
          "url": "https://git.kernel.org/stable/c/ac9007520e392541a29daebaae8b9109007bc781"
        },
        {
          "url": "https://git.kernel.org/stable/c/2eabb655a968b862bc0c31629a09f0fbf3c80d51"
        }
      ],
      "title": "usb: atm: cxacru: fix endpoint checking in cxacru_bind()",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-41097",
    "datePublished": "2024-07-29T15:48:10.175Z",
    "dateReserved": "2024-07-12T12:17:45.637Z",
    "dateUpdated": "2024-12-19T09:11:57.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-41097\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-29T16:15:04.753\",\"lastModified\":\"2024-11-21T09:32:14.393\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nusb: atm: cxacru: fix endpoint checking in cxacru_bind()\\n\\nSyzbot is still reporting quite an old issue [1] that occurs due to\\nincomplete checking of present usb endpoints. As such, wrong\\nendpoints types may be used at urb sumbitting stage which in turn\\ntriggers a warning in usb_submit_urb().\\n\\nFix the issue by verifying that required endpoint types are present\\nfor both in and out endpoints, taking into account cmd endpoint type.\\n\\nUnfortunately, this patch has not been tested on real hardware.\\n\\n[1] Syzbot report:\\nusb 1-1: BOGUS urb xfer, pipe 1 != type 3\\nWARNING: CPU: 0 PID: 8667 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\\nModules linked in:\\nCPU: 0 PID: 8667 Comm: kworker/0:4 Not tainted 5.14.0-rc4-syzkaller #0\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\\nWorkqueue: usb_hub_wq hub_event\\nRIP: 0010:usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502\\n...\\nCall Trace:\\n cxacru_cm+0x3c0/0x8e0 drivers/usb/atm/cxacru.c:649\\n cxacru_card_status+0x22/0xd0 drivers/usb/atm/cxacru.c:760\\n cxacru_bind+0x7ac/0x11a0 drivers/usb/atm/cxacru.c:1209\\n usbatm_usb_probe+0x321/0x1ae0 drivers/usb/atm/usbatm.c:1055\\n cxacru_usb_probe+0xdf/0x1e0 drivers/usb/atm/cxacru.c:1363\\n usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396\\n call_driver_probe drivers/base/dd.c:517 [inline]\\n really_probe+0x23c/0xcd0 drivers/base/dd.c:595\\n __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747\\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777\\n __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894\\n bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427\\n __device_attach+0x228/0x4a0 drivers/base/dd.c:965\\n bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487\\n device_add+0xc2f/0x2180 drivers/base/core.c:3354\\n usb_set_configuration+0x113a/0x1910 drivers/usb/core/message.c:2170\\n usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238\\n usb_probe_device+0xd9/0x2c0 drivers/usb/core/driver.c:293\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: atm: cxacru: corrige la comprobaci\u00f3n de endpoints en cxacru_bind() Syzbot todav\u00eda informa de un problema bastante antiguo [1] que se produce debido a una comprobaci\u00f3n incompleta de los endpoints USB actuales. Como tal, se pueden usar tipos de endpoints incorrectos en la etapa de env\u00edo de urb, lo que a su vez activa una advertencia en usb_submit_urb(). Solucione el problema verificando que los tipos de endpoints requeridos est\u00e9n presentes tanto para los endpoints de entrada como para los de salida, teniendo en cuenta el tipo de endpoint cmd. Desafortunadamente, este parche no ha sido probado en hardware real. [1] Informe Syzbot: usb 1-1: BOGUS urb xfer, tuber\u00eda 1! = tipo 3 ADVERTENCIA: CPU: 0 PID: 8667 en drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/ core/urb.c:502 M\u00f3dulos vinculados en: CPU: 0 PID: 8667 Comm: kworker/0:4 Not tainted 5.14.0-rc4-syzkaller #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 01 /01/2011 Cola de trabajo: usb_hub_wq hub_event RIP: 0010:usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502 ... Seguimiento de llamadas: cxacru_cm+0x3c0/0x8e0 drivers/usb/atm/cxacru.c:649 cxacru_card_status+0x22/0xd0 drivers/usb/atm/cxacru.c:760 cxacru_bind+0x7ac/0x11a0 drivers/usb/atm/cxacru.c:1209 usbatm_usb_probe+0x321/0x1ae0 drivers/usb/atm/usbatm.c:1055 cxacru_usb_probe+ 0xdf/0x1e0 drivers/usb/atm/cxacru.c:1363 usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396 call_driver_probe drivers/base/dd.c:517 [en l\u00ednea] Actually_probe+0x23c/0xcd0 drivers/ base/dd.c:595 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894 bus_for_each_drv +0x15f/0x1e0 drivers/base/bus.c:427 __device_attach+0x228/0x4a0 drivers/base/dd.c:965 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487 device_add+0xc2f/0x2180 drivers/base/ core.c:3354 usb_set_configuration+0x113a/0x1910 drivers/usb/core/message.c:2170 usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238 usb_probe_device+0xd9/0x2c0 drivers/usb/core/driver. c:293\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.36\",\"versionEndExcluding\":\"4.19.317\",\"matchCriteriaId\":\"F047368E-4579-4AAA-86A2-1456F0A34F5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.279\",\"matchCriteriaId\":\"F4E38E58-1B9F-4DF2-AD3D-A8BEAA2959D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.221\",\"matchCriteriaId\":\"659E1520-6345-41AF-B893-A7C0647585A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.162\",\"matchCriteriaId\":\"10A39ACC-3005-40E8-875C-98A372D1FFD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.97\",\"matchCriteriaId\":\"748B6C4B-1F61-47F9-96CC-8899B8412D84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.37\",\"matchCriteriaId\":\"D72E033B-5323-4C4D-8818-36E1EBC3535F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.9.8\",\"matchCriteriaId\":\"E95105F2-32E3-4C5F-9D18-7AEFD0E6275C\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1aac4be1aaa5177506219f01dce5e29194e5e95a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/23926d316d2836315cb113569f91393266eb5b47\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2eabb655a968b862bc0c31629a09f0fbf3c80d51\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5159a81924311c1ec786ad9fdef784ead8676a6a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5584c776a1af7807ca815ee6265f2c1429fc5727\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/75ddbf776dd04a09fb9e5267ead5d0c989f84506\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ac9007520e392541a29daebaae8b9109007bc781\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f536f09eb45e4de8d1b9accee9d992aa1846f1d4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1aac4be1aaa5177506219f01dce5e29194e5e95a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/23926d316d2836315cb113569f91393266eb5b47\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2eabb655a968b862bc0c31629a09f0fbf3c80d51\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5159a81924311c1ec786ad9fdef784ead8676a6a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5584c776a1af7807ca815ee6265f2c1429fc5727\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/75ddbf776dd04a09fb9e5267ead5d0c989f84506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ac9007520e392541a29daebaae8b9109007bc781\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f536f09eb45e4de8d1b9accee9d992aa1846f1d4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.