CVE-2024-50252
Vulnerability from cvelistv5
Published
2024-11-09 10:15
Modified
2024-12-19 09:36
Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address
The device stores IPv6 addresses that are used for encapsulation in
linear memory that is managed by the driver.
Changing the remote address of an ip6gre net device never worked
properly, but since cited commit the following reproducer [1] would
result in a warning [2] and a memory leak [3]. The problem is that the
new remote address is never added by the driver to its hash table (and
therefore the device) and the old address is never removed from it.
Fix by programming the new address when the configuration of the ip6gre
net device changes and removing the old one. If the address did not
change, then the above would result in increasing the reference count of
the address and then decreasing it.
[1]
# ip link add name bla up type ip6gre local 2001:db8:1::1 remote 2001:db8:2::1 tos inherit ttl inherit
# ip link set dev bla type ip6gre remote 2001:db8:3::1
# ip link del dev bla
# devlink dev reload pci/0000:01:00.0
[2]
WARNING: CPU: 0 PID: 1682 at drivers/net/ethernet/mellanox/mlxsw/spectrum.c:3002 mlxsw_sp_ipv6_addr_put+0x140/0x1d0
Modules linked in:
CPU: 0 UID: 0 PID: 1682 Comm: ip Not tainted 6.12.0-rc3-custom-g86b5b55bc835 #151
Hardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023
RIP: 0010:mlxsw_sp_ipv6_addr_put+0x140/0x1d0
[...]
Call Trace:
<TASK>
mlxsw_sp_router_netdevice_event+0x55f/0x1240
notifier_call_chain+0x5a/0xd0
call_netdevice_notifiers_info+0x39/0x90
unregister_netdevice_many_notify+0x63e/0x9d0
rtnl_dellink+0x16b/0x3a0
rtnetlink_rcv_msg+0x142/0x3f0
netlink_rcv_skb+0x50/0x100
netlink_unicast+0x242/0x390
netlink_sendmsg+0x1de/0x420
____sys_sendmsg+0x2bd/0x320
___sys_sendmsg+0x9a/0xe0
__sys_sendmsg+0x7a/0xd0
do_syscall_64+0x9e/0x1a0
entry_SYSCALL_64_after_hwframe+0x77/0x7f
[3]
unreferenced object 0xffff898081f597a0 (size 32):
comm "ip", pid 1626, jiffies 4294719324
hex dump (first 32 bytes):
20 01 0d b8 00 02 00 00 00 00 00 00 00 00 00 01 ...............
21 49 61 83 80 89 ff ff 00 00 00 00 01 00 00 00 !Ia.............
backtrace (crc fd9be911):
[<00000000df89c55d>] __kmalloc_cache_noprof+0x1da/0x260
[<00000000ff2a1ddb>] mlxsw_sp_ipv6_addr_kvdl_index_get+0x281/0x340
[<000000009ddd445d>] mlxsw_sp_router_netdevice_event+0x47b/0x1240
[<00000000743e7757>] notifier_call_chain+0x5a/0xd0
[<000000007c7b9e13>] call_netdevice_notifiers_info+0x39/0x90
[<000000002509645d>] register_netdevice+0x5f7/0x7a0
[<00000000c2e7d2a9>] ip6gre_newlink_common.isra.0+0x65/0x130
[<0000000087cd6d8d>] ip6gre_newlink+0x72/0x120
[<000000004df7c7cc>] rtnl_newlink+0x471/0xa20
[<0000000057ed632a>] rtnetlink_rcv_msg+0x142/0x3f0
[<0000000032e0d5b5>] netlink_rcv_skb+0x50/0x100
[<00000000908bca63>] netlink_unicast+0x242/0x390
[<00000000cdbe1c87>] netlink_sendmsg+0x1de/0x420
[<0000000011db153e>] ____sys_sendmsg+0x2bd/0x320
[<000000003b6d53eb>] ___sys_sendmsg+0x9a/0xe0
[<00000000cae27c62>] __sys_sendmsg+0x7a/0xd0
References
Impacted products
{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlxsw/spectrum_ipip.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "lessThan": "d8f298eb6659eb6a38e26b79e77de4449dc6e61b", "status": "affected", "version": "cf42911523e02026cb56d329e584ae5923e94ba1", "versionType": "git" }, { "lessThan": "31384aa2ad05c29c7745000f321154f42de24d1a", "status": "affected", "version": "cf42911523e02026cb56d329e584ae5923e94ba1", "versionType": "git" }, { "lessThan": "c1bbdbe07f0bc3bc9f87efe4672d67208c6d6942", "status": "affected", "version": "cf42911523e02026cb56d329e584ae5923e94ba1", "versionType": "git" }, { "lessThan": "12ae97c531fcd3bfd774d4dfeaeac23eafe24280", "status": "affected", "version": "cf42911523e02026cb56d329e584ae5923e94ba1", "versionType": "git" } ] }, { "defaultStatus": "affected", "product": "Linux", "programFiles": [ "drivers/net/ethernet/mellanox/mlxsw/spectrum_ipip.c" ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "versions": [ { "status": "affected", "version": "5.17" }, { "lessThan": "5.17", "status": "unaffected", "version": "0", "versionType": "semver" }, { "lessThanOrEqual": "6.1.*", "status": "unaffected", "version": "6.1.116", "versionType": "semver" }, { "lessThanOrEqual": "6.6.*", "status": "unaffected", "version": "6.6.60", "versionType": "semver" }, { "lessThanOrEqual": "6.11.*", "status": "unaffected", "version": "6.11.7", "versionType": "semver" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "6.12", "versionType": "original_commit_for_fix" } ] } ], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address\n\nThe device stores IPv6 addresses that are used for encapsulation in\nlinear memory that is managed by the driver.\n\nChanging the remote address of an ip6gre net device never worked\nproperly, but since cited commit the following reproducer [1] would\nresult in a warning [2] and a memory leak [3]. The problem is that the\nnew remote address is never added by the driver to its hash table (and\ntherefore the device) and the old address is never removed from it.\n\nFix by programming the new address when the configuration of the ip6gre\nnet device changes and removing the old one. If the address did not\nchange, then the above would result in increasing the reference count of\nthe address and then decreasing it.\n\n[1]\n # ip link add name bla up type ip6gre local 2001:db8:1::1 remote 2001:db8:2::1 tos inherit ttl inherit\n # ip link set dev bla type ip6gre remote 2001:db8:3::1\n # ip link del dev bla\n # devlink dev reload pci/0000:01:00.0\n\n[2]\nWARNING: CPU: 0 PID: 1682 at drivers/net/ethernet/mellanox/mlxsw/spectrum.c:3002 mlxsw_sp_ipv6_addr_put+0x140/0x1d0\nModules linked in:\nCPU: 0 UID: 0 PID: 1682 Comm: ip Not tainted 6.12.0-rc3-custom-g86b5b55bc835 #151\nHardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023\nRIP: 0010:mlxsw_sp_ipv6_addr_put+0x140/0x1d0\n[...]\nCall Trace:\n \u003cTASK\u003e\n mlxsw_sp_router_netdevice_event+0x55f/0x1240\n notifier_call_chain+0x5a/0xd0\n call_netdevice_notifiers_info+0x39/0x90\n unregister_netdevice_many_notify+0x63e/0x9d0\n rtnl_dellink+0x16b/0x3a0\n rtnetlink_rcv_msg+0x142/0x3f0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x242/0x390\n netlink_sendmsg+0x1de/0x420\n ____sys_sendmsg+0x2bd/0x320\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xd0\n do_syscall_64+0x9e/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[3]\nunreferenced object 0xffff898081f597a0 (size 32):\n comm \"ip\", pid 1626, jiffies 4294719324\n hex dump (first 32 bytes):\n 20 01 0d b8 00 02 00 00 00 00 00 00 00 00 00 01 ...............\n 21 49 61 83 80 89 ff ff 00 00 00 00 01 00 00 00 !Ia.............\n backtrace (crc fd9be911):\n [\u003c00000000df89c55d\u003e] __kmalloc_cache_noprof+0x1da/0x260\n [\u003c00000000ff2a1ddb\u003e] mlxsw_sp_ipv6_addr_kvdl_index_get+0x281/0x340\n [\u003c000000009ddd445d\u003e] mlxsw_sp_router_netdevice_event+0x47b/0x1240\n [\u003c00000000743e7757\u003e] notifier_call_chain+0x5a/0xd0\n [\u003c000000007c7b9e13\u003e] call_netdevice_notifiers_info+0x39/0x90\n [\u003c000000002509645d\u003e] register_netdevice+0x5f7/0x7a0\n [\u003c00000000c2e7d2a9\u003e] ip6gre_newlink_common.isra.0+0x65/0x130\n [\u003c0000000087cd6d8d\u003e] ip6gre_newlink+0x72/0x120\n [\u003c000000004df7c7cc\u003e] rtnl_newlink+0x471/0xa20\n [\u003c0000000057ed632a\u003e] rtnetlink_rcv_msg+0x142/0x3f0\n [\u003c0000000032e0d5b5\u003e] netlink_rcv_skb+0x50/0x100\n [\u003c00000000908bca63\u003e] netlink_unicast+0x242/0x390\n [\u003c00000000cdbe1c87\u003e] netlink_sendmsg+0x1de/0x420\n [\u003c0000000011db153e\u003e] ____sys_sendmsg+0x2bd/0x320\n [\u003c000000003b6d53eb\u003e] ___sys_sendmsg+0x9a/0xe0\n [\u003c00000000cae27c62\u003e] __sys_sendmsg+0x7a/0xd0" } ], "providerMetadata": { "dateUpdated": "2024-12-19T09:36:35.399Z", "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux" }, "references": [ { "url": "https://git.kernel.org/stable/c/d8f298eb6659eb6a38e26b79e77de4449dc6e61b" }, { "url": "https://git.kernel.org/stable/c/31384aa2ad05c29c7745000f321154f42de24d1a" }, { "url": "https://git.kernel.org/stable/c/c1bbdbe07f0bc3bc9f87efe4672d67208c6d6942" }, { "url": "https://git.kernel.org/stable/c/12ae97c531fcd3bfd774d4dfeaeac23eafe24280" } ], "title": "mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address", "x_generator": { "engine": "bippy-5f407fcff5a0" } } }, "cveMetadata": { "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "assignerShortName": "Linux", "cveId": "CVE-2024-50252", "datePublished": "2024-11-09T10:15:00.949Z", "dateReserved": "2024-10-21T19:36:19.979Z", "dateUpdated": "2024-12-19T09:36:35.399Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-50252\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-09T11:15:10.973\",\"lastModified\":\"2024-11-14T18:08:17.857\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address\\n\\nThe device stores IPv6 addresses that are used for encapsulation in\\nlinear memory that is managed by the driver.\\n\\nChanging the remote address of an ip6gre net device never worked\\nproperly, but since cited commit the following reproducer [1] would\\nresult in a warning [2] and a memory leak [3]. The problem is that the\\nnew remote address is never added by the driver to its hash table (and\\ntherefore the device) and the old address is never removed from it.\\n\\nFix by programming the new address when the configuration of the ip6gre\\nnet device changes and removing the old one. If the address did not\\nchange, then the above would result in increasing the reference count of\\nthe address and then decreasing it.\\n\\n[1]\\n # ip link add name bla up type ip6gre local 2001:db8:1::1 remote 2001:db8:2::1 tos inherit ttl inherit\\n # ip link set dev bla type ip6gre remote 2001:db8:3::1\\n # ip link del dev bla\\n # devlink dev reload pci/0000:01:00.0\\n\\n[2]\\nWARNING: CPU: 0 PID: 1682 at drivers/net/ethernet/mellanox/mlxsw/spectrum.c:3002 mlxsw_sp_ipv6_addr_put+0x140/0x1d0\\nModules linked in:\\nCPU: 0 UID: 0 PID: 1682 Comm: ip Not tainted 6.12.0-rc3-custom-g86b5b55bc835 #151\\nHardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023\\nRIP: 0010:mlxsw_sp_ipv6_addr_put+0x140/0x1d0\\n[...]\\nCall Trace:\\n \u003cTASK\u003e\\n mlxsw_sp_router_netdevice_event+0x55f/0x1240\\n notifier_call_chain+0x5a/0xd0\\n call_netdevice_notifiers_info+0x39/0x90\\n unregister_netdevice_many_notify+0x63e/0x9d0\\n rtnl_dellink+0x16b/0x3a0\\n rtnetlink_rcv_msg+0x142/0x3f0\\n netlink_rcv_skb+0x50/0x100\\n netlink_unicast+0x242/0x390\\n netlink_sendmsg+0x1de/0x420\\n ____sys_sendmsg+0x2bd/0x320\\n ___sys_sendmsg+0x9a/0xe0\\n __sys_sendmsg+0x7a/0xd0\\n do_syscall_64+0x9e/0x1a0\\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n\\n[3]\\nunreferenced object 0xffff898081f597a0 (size 32):\\n comm \\\"ip\\\", pid 1626, jiffies 4294719324\\n hex dump (first 32 bytes):\\n 20 01 0d b8 00 02 00 00 00 00 00 00 00 00 00 01 ...............\\n 21 49 61 83 80 89 ff ff 00 00 00 00 01 00 00 00 !Ia.............\\n backtrace (crc fd9be911):\\n [\u003c00000000df89c55d\u003e] __kmalloc_cache_noprof+0x1da/0x260\\n [\u003c00000000ff2a1ddb\u003e] mlxsw_sp_ipv6_addr_kvdl_index_get+0x281/0x340\\n [\u003c000000009ddd445d\u003e] mlxsw_sp_router_netdevice_event+0x47b/0x1240\\n [\u003c00000000743e7757\u003e] notifier_call_chain+0x5a/0xd0\\n [\u003c000000007c7b9e13\u003e] call_netdevice_notifiers_info+0x39/0x90\\n [\u003c000000002509645d\u003e] register_netdevice+0x5f7/0x7a0\\n [\u003c00000000c2e7d2a9\u003e] ip6gre_newlink_common.isra.0+0x65/0x130\\n [\u003c0000000087cd6d8d\u003e] ip6gre_newlink+0x72/0x120\\n [\u003c000000004df7c7cc\u003e] rtnl_newlink+0x471/0xa20\\n [\u003c0000000057ed632a\u003e] rtnetlink_rcv_msg+0x142/0x3f0\\n [\u003c0000000032e0d5b5\u003e] netlink_rcv_skb+0x50/0x100\\n [\u003c00000000908bca63\u003e] netlink_unicast+0x242/0x390\\n [\u003c00000000cdbe1c87\u003e] netlink_sendmsg+0x1de/0x420\\n [\u003c0000000011db153e\u003e] ____sys_sendmsg+0x2bd/0x320\\n [\u003c000000003b6d53eb\u003e] ___sys_sendmsg+0x9a/0xe0\\n [\u003c00000000cae27c62\u003e] __sys_sendmsg+0x7a/0xd0\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mlxsw: spectrum_ipip: Corrige la p\u00e9rdida de memoria al cambiar la direcci\u00f3n IPv6 remota El dispositivo almacena direcciones IPv6 que se utilizan para la encapsulaci\u00f3n en la memoria lineal que administra el controlador. Cambiar la direcci\u00f3n remota de un dispositivo ip6gre net nunca funcion\u00f3 correctamente, pero desde el commit citada, el siguiente reproductor [1] dar\u00eda como resultado una advertencia [2] y una p\u00e9rdida de memoria [3]. El problema es que el controlador nunca agrega la nueva direcci\u00f3n remota a su tabla hash (y, por lo tanto, al dispositivo) y la direcci\u00f3n anterior nunca se elimina de ella. Corrija programando la nueva direcci\u00f3n cuando cambie la configuraci\u00f3n del dispositivo ip6gre net y eliminando la anterior. Si la direcci\u00f3n no cambiara, lo anterior dar\u00eda como resultado un aumento en el recuento de referencia de la direcci\u00f3n y luego una disminuci\u00f3n. [1] # ip link add name bla up type ip6gre local 2001:db8:1::1 remote 2001:db8:2::1 tos heritage ttl heritage # ip link set dev bla type ip6gre remote 2001:db8:3::1 # ip link del dev bla # devlink dev reload pci/0000:01:00.0 [2] ADVERTENCIA: CPU: 0 PID: 1682 en drivers/net/ethernet/mellanox/mlxsw/spectrum.c:3002 mlxsw_sp_ipv6_addr_put+0x140/0x1d0 M\u00f3dulos vinculados: CPU: 0 UID: 0 PID: 1682 Comm: ip No contaminado 6.12.0-rc3-custom-g86b5b55bc835 #151 Nombre del hardware: Nvidia SN5600/VMOD0013, BIOS 5.13 31/05/2023 RIP: 0010:mlxsw_sp_ipv6_addr_put+0x140/0x1d0 [...] Seguimiento de llamadas: mlxsw_sp_router_netdevice_event+0x55f/0x1240 notifier_call_chain+0x5a/0xd0 call_netdevice_notifiers_info+0x39/0x90 unregister_netdevice_many_notify+0x63e/0x9d0 rtnl_dellink+0x16b/0x3a0 rtnetlink_rcv_msg+0x142/0x3f0 netlink_rcv_skb+0x50/0x100 netlink_unicast+0x242/0x390 netlink_sendmsg+0x1de/0x420 ____sys_sendmsg+0x2bd/0x320 ___sys_sendmsg+0x9a/0xe0 __sys_sendmsg+0x7a/0xd0 do_syscall_64+0x9e/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f [3] objeto sin referencia 0xffff898081f597a0 (tama\u00f1o 32): comm \\\"ip\\\", pid 1626, jiffies 4294719324 volcado hexadecimal (primeros 32 bytes): 20 01 0d b8 00 02 00 00 00 00 00 00 00 00 00 01 ............... 21 49 61 83 80 89 y siguientes y siguientes 00 00 00 00 01 00 00 00 !Ia............. seguimiento inverso (crc fd9be911): [\u0026lt;00000000df89c55d\u0026gt;] __kmalloc_cache_noprof+0x1da/0x260 [\u0026lt;00000000ff2a1ddb\u0026gt;] mlxsw_sp_ipv6_addr_kvdl_index_get+0x281/0x340 [\u0026lt;000000009ddd445d\u0026gt;] mlxsw_sp_router_netdevice_event+0x47b/0x1240 [\u0026lt;00000000743e7757\u0026gt;] cadena_de_llamadas_de_notificador+0x5a/0xd0 [\u0026lt;000000007c7b9e13\u0026gt;] informaci\u00f3n_de_notificadores_de_dispositivo_de_red_de_llamada+0x39/0x90 [\u0026lt;000000002509645d\u0026gt;] registro_dispositivo_de_red+0x5f7/0x7a0 [\u0026lt;00000000c2e7d2a9\u0026gt;] ip6gre_newlink_common.isra.0+0x65/0x130 [\u0026lt;0000000087cd6d8d\u0026gt;] ip6gre_newlink+0x72/0x120 [\u0026lt;000000004df7c7cc\u0026gt;] rtnl_newlink+0x471/0xa20 [\u0026lt;0000000057ed632a\u0026gt;] rtnetlink_rcv_msg+0x142/0x3f0 [\u0026lt;0000000032e0d5b5\u0026gt;] netlink_rcv_skb+0x50/0x100 [\u0026lt;00000000908bca63\u0026gt;] netlink_unicast+0x242/0x390 [\u0026lt;00000000cdbe1c87\u0026gt;] netlink_sendmsg+0x1de/0x420 [\u0026lt;0000000011db153e\u0026gt;] ____sys_sendmsg+0x2bd/0x320 [\u0026lt;000000003b6d53eb\u0026gt;] ___sys_sendmsg+0x9a/0xe0 [\u0026lt;00000000cae27c62\u0026gt;] __sys_sendmsg+0x7a/0xd0\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.17\",\"versionEndExcluding\":\"6.1.116\",\"matchCriteriaId\":\"252AD171-75DB-4B57-93D9-E5FBF4064DC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.60\",\"matchCriteriaId\":\"75088E5E-2400-4D20-915F-7A65C55D9CCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.11.7\",\"matchCriteriaId\":\"E96F53A4-5E87-4A70-BD9A-BC327828D57F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F717D8-3014-4F84-8086-0124B2111379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"24DBE6C7-2AAE-4818-AED2-E131F153D2FA\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/12ae97c531fcd3bfd774d4dfeaeac23eafe24280\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/31384aa2ad05c29c7745000f321154f42de24d1a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c1bbdbe07f0bc3bc9f87efe4672d67208c6d6942\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d8f298eb6659eb6a38e26b79e77de4449dc6e61b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.