CVE-2024-56581
Vulnerability from cvelistv5
Published
2024-12-27 14:23
Modified
2024-12-27 14:23
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfs_ref_tree_mod() after we successfully inserted the new ref entry (local variable 'ref') into the respective block entry's rbtree (local variable 'be'), if we find an unexpected action of BTRFS_DROP_DELAYED_REF, we error out and free the ref entry without removing it from the block entry's rbtree. Then in the error path of btrfs_ref_tree_mod() we call btrfs_free_ref_cache(), which iterates over all block entries and then calls free_block_entry() for each one, and there we will trigger a use-after-free when we are called against the block entry to which we added the freed ref entry to its rbtree, since the rbtree still points to the block entry, as we didn't remove it from the rbtree before freeing it in the error path at btrfs_ref_tree_mod(). Fix this by removing the new ref entry from the rbtree before freeing it. Syzbot report this with the following stack traces: BTRFS error (device loop0 state EA): Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615 __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523 update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512 btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594 btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754 btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116 btrfs_insert_empty_items+0x9c/0x1a0 fs/btrfs/ctree.c:4314 btrfs_insert_empty_item fs/btrfs/ctree.h:669 [inline] btrfs_insert_orphan_item+0x1f1/0x320 fs/btrfs/orphan.c:23 btrfs_orphan_add+0x6d/0x1a0 fs/btrfs/inode.c:3482 btrfs_unlink+0x267/0x350 fs/btrfs/inode.c:4293 vfs_unlink+0x365/0x650 fs/namei.c:4469 do_unlinkat+0x4ae/0x830 fs/namei.c:4533 __do_sys_unlinkat fs/namei.c:4576 [inline] __se_sys_unlinkat fs/namei.c:4569 [inline] __x64_sys_unlinkat+0xcc/0xf0 fs/namei.c:4569 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f BTRFS error (device loop0 state EA): Ref action 1, root 5, ref_root 5, parent 0, owner 260, offset 0, num_refs 1 __btrfs_mod_ref+0x76b/0xac0 fs/btrfs/extent-tree.c:2521 update_ref_for_cow+0x96a/0x11f0 btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594 btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754 btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116 btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411 __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030 btrfs_update_delayed_inode fs/btrfs/delayed-inode.c:1114 [inline] __btrfs_commit_inode_delayed_items+0x2318/0x24a0 fs/btrfs/delayed-inode.c:1137 __btrfs_run_delayed_items+0x213/0x490 fs/btrfs/delayed-inode.c:1171 btrfs_commit_transaction+0x8a8/0x3740 fs/btrfs/transaction.c:2313 prepare_to_relocate+0x3c4/0x4c0 fs/btrfs/relocation.c:3586 relocate_block_group+0x16c/0xd40 fs/btrfs/relocation.c:3611 btrfs_relocate_block_group+0x77d/0xd90 fs/btrfs/relocation.c:4081 btrfs_relocate_chunk+0x12c/0x3b0 fs/btrfs/volumes.c:3377 __btrfs_balance+0x1b0f/0x26b0 fs/btrfs/volumes.c:4161 btrfs_balance+0xbdc/0x10c0 fs/btrfs/volumes.c:4538 BTRFS error (device loop0 state EA): Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615 __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523 update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512 btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594 btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754 btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116 btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411 __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030 btrfs_update_delayed_i ---truncated---
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/4275ac2741941c9c7c2293619fdbacb9f70ba85b
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6370db28af9a8ae3bbdfe97f8a48f8f995e144cf
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6fd018aa168e472ce35be32296d109db6adb87ea
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7c4e39f9d2af4abaf82ca0e315d1fd340456620f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a6f9e7a0bf1185c9070c0de03bb85eafb9abd650
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d2b85ce0561fde894e28fa01bd5d32820d585006
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/dfb9fe7de61f34cc241ab3900bdde93341096e0e
Impacted products
Vendor Product Version
Linux Linux Version: 4.15
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/ref-verify.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "dfb9fe7de61f34cc241ab3900bdde93341096e0e",
              "status": "affected",
              "version": "fd708b81d972a0714b02a60eb4792fdbf15868c4",
              "versionType": "git"
            },
            {
              "lessThan": "6fd018aa168e472ce35be32296d109db6adb87ea",
              "status": "affected",
              "version": "fd708b81d972a0714b02a60eb4792fdbf15868c4",
              "versionType": "git"
            },
            {
              "lessThan": "d2b85ce0561fde894e28fa01bd5d32820d585006",
              "status": "affected",
              "version": "fd708b81d972a0714b02a60eb4792fdbf15868c4",
              "versionType": "git"
            },
            {
              "lessThan": "6370db28af9a8ae3bbdfe97f8a48f8f995e144cf",
              "status": "affected",
              "version": "fd708b81d972a0714b02a60eb4792fdbf15868c4",
              "versionType": "git"
            },
            {
              "lessThan": "4275ac2741941c9c7c2293619fdbacb9f70ba85b",
              "status": "affected",
              "version": "fd708b81d972a0714b02a60eb4792fdbf15868c4",
              "versionType": "git"
            },
            {
              "lessThan": "a6f9e7a0bf1185c9070c0de03bb85eafb9abd650",
              "status": "affected",
              "version": "fd708b81d972a0714b02a60eb4792fdbf15868c4",
              "versionType": "git"
            },
            {
              "lessThan": "7c4e39f9d2af4abaf82ca0e315d1fd340456620f",
              "status": "affected",
              "version": "fd708b81d972a0714b02a60eb4792fdbf15868c4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/btrfs/ref-verify.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.287",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.231",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.174",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.120",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13-rc2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: ref-verify: fix use-after-free after invalid ref action\n\nAt btrfs_ref_tree_mod() after we successfully inserted the new ref entry\n(local variable \u0027ref\u0027) into the respective block entry\u0027s rbtree (local\nvariable \u0027be\u0027), if we find an unexpected action of BTRFS_DROP_DELAYED_REF,\nwe error out and free the ref entry without removing it from the block\nentry\u0027s rbtree. Then in the error path of btrfs_ref_tree_mod() we call\nbtrfs_free_ref_cache(), which iterates over all block entries and then\ncalls free_block_entry() for each one, and there we will trigger a\nuse-after-free when we are called against the block entry to which we\nadded the freed ref entry to its rbtree, since the rbtree still points\nto the block entry, as we didn\u0027t remove it from the rbtree before freeing\nit in the error path at btrfs_ref_tree_mod(). Fix this by removing the\nnew ref entry from the rbtree before freeing it.\n\nSyzbot report this with the following stack traces:\n\n   BTRFS error (device loop0 state EA):   Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615\n      __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523\n      update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512\n      btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n      btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n      btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n      btrfs_insert_empty_items+0x9c/0x1a0 fs/btrfs/ctree.c:4314\n      btrfs_insert_empty_item fs/btrfs/ctree.h:669 [inline]\n      btrfs_insert_orphan_item+0x1f1/0x320 fs/btrfs/orphan.c:23\n      btrfs_orphan_add+0x6d/0x1a0 fs/btrfs/inode.c:3482\n      btrfs_unlink+0x267/0x350 fs/btrfs/inode.c:4293\n      vfs_unlink+0x365/0x650 fs/namei.c:4469\n      do_unlinkat+0x4ae/0x830 fs/namei.c:4533\n      __do_sys_unlinkat fs/namei.c:4576 [inline]\n      __se_sys_unlinkat fs/namei.c:4569 [inline]\n      __x64_sys_unlinkat+0xcc/0xf0 fs/namei.c:4569\n      do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n      do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n      entry_SYSCALL_64_after_hwframe+0x77/0x7f\n   BTRFS error (device loop0 state EA):   Ref action 1, root 5, ref_root 5, parent 0, owner 260, offset 0, num_refs 1\n      __btrfs_mod_ref+0x76b/0xac0 fs/btrfs/extent-tree.c:2521\n      update_ref_for_cow+0x96a/0x11f0\n      btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n      btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n      btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n      btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411\n      __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030\n      btrfs_update_delayed_inode fs/btrfs/delayed-inode.c:1114 [inline]\n      __btrfs_commit_inode_delayed_items+0x2318/0x24a0 fs/btrfs/delayed-inode.c:1137\n      __btrfs_run_delayed_items+0x213/0x490 fs/btrfs/delayed-inode.c:1171\n      btrfs_commit_transaction+0x8a8/0x3740 fs/btrfs/transaction.c:2313\n      prepare_to_relocate+0x3c4/0x4c0 fs/btrfs/relocation.c:3586\n      relocate_block_group+0x16c/0xd40 fs/btrfs/relocation.c:3611\n      btrfs_relocate_block_group+0x77d/0xd90 fs/btrfs/relocation.c:4081\n      btrfs_relocate_chunk+0x12c/0x3b0 fs/btrfs/volumes.c:3377\n      __btrfs_balance+0x1b0f/0x26b0 fs/btrfs/volumes.c:4161\n      btrfs_balance+0xbdc/0x10c0 fs/btrfs/volumes.c:4538\n   BTRFS error (device loop0 state EA):   Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615\n      __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523\n      update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512\n      btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n      btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n      btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n      btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411\n      __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030\n      btrfs_update_delayed_i\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-27T14:23:23.193Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/dfb9fe7de61f34cc241ab3900bdde93341096e0e"
        },
        {
          "url": "https://git.kernel.org/stable/c/6fd018aa168e472ce35be32296d109db6adb87ea"
        },
        {
          "url": "https://git.kernel.org/stable/c/d2b85ce0561fde894e28fa01bd5d32820d585006"
        },
        {
          "url": "https://git.kernel.org/stable/c/6370db28af9a8ae3bbdfe97f8a48f8f995e144cf"
        },
        {
          "url": "https://git.kernel.org/stable/c/4275ac2741941c9c7c2293619fdbacb9f70ba85b"
        },
        {
          "url": "https://git.kernel.org/stable/c/a6f9e7a0bf1185c9070c0de03bb85eafb9abd650"
        },
        {
          "url": "https://git.kernel.org/stable/c/7c4e39f9d2af4abaf82ca0e315d1fd340456620f"
        }
      ],
      "title": "btrfs: ref-verify: fix use-after-free after invalid ref action",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-56581",
    "datePublished": "2024-12-27T14:23:23.193Z",
    "dateReserved": "2024-12-27T14:03:06.000Z",
    "dateUpdated": "2024-12-27T14:23:23.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-56581\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-27T15:15:17.207\",\"lastModified\":\"2024-12-27T15:15:17.207\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbtrfs: ref-verify: fix use-after-free after invalid ref action\\n\\nAt btrfs_ref_tree_mod() after we successfully inserted the new ref entry\\n(local variable \u0027ref\u0027) into the respective block entry\u0027s rbtree (local\\nvariable \u0027be\u0027), if we find an unexpected action of BTRFS_DROP_DELAYED_REF,\\nwe error out and free the ref entry without removing it from the block\\nentry\u0027s rbtree. Then in the error path of btrfs_ref_tree_mod() we call\\nbtrfs_free_ref_cache(), which iterates over all block entries and then\\ncalls free_block_entry() for each one, and there we will trigger a\\nuse-after-free when we are called against the block entry to which we\\nadded the freed ref entry to its rbtree, since the rbtree still points\\nto the block entry, as we didn\u0027t remove it from the rbtree before freeing\\nit in the error path at btrfs_ref_tree_mod(). Fix this by removing the\\nnew ref entry from the rbtree before freeing it.\\n\\nSyzbot report this with the following stack traces:\\n\\n   BTRFS error (device loop0 state EA):   Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615\\n      __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523\\n      update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512\\n      btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\\n      btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\\n      btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\\n      btrfs_insert_empty_items+0x9c/0x1a0 fs/btrfs/ctree.c:4314\\n      btrfs_insert_empty_item fs/btrfs/ctree.h:669 [inline]\\n      btrfs_insert_orphan_item+0x1f1/0x320 fs/btrfs/orphan.c:23\\n      btrfs_orphan_add+0x6d/0x1a0 fs/btrfs/inode.c:3482\\n      btrfs_unlink+0x267/0x350 fs/btrfs/inode.c:4293\\n      vfs_unlink+0x365/0x650 fs/namei.c:4469\\n      do_unlinkat+0x4ae/0x830 fs/namei.c:4533\\n      __do_sys_unlinkat fs/namei.c:4576 [inline]\\n      __se_sys_unlinkat fs/namei.c:4569 [inline]\\n      __x64_sys_unlinkat+0xcc/0xf0 fs/namei.c:4569\\n      do_syscall_x64 arch/x86/entry/common.c:52 [inline]\\n      do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\\n      entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n   BTRFS error (device loop0 state EA):   Ref action 1, root 5, ref_root 5, parent 0, owner 260, offset 0, num_refs 1\\n      __btrfs_mod_ref+0x76b/0xac0 fs/btrfs/extent-tree.c:2521\\n      update_ref_for_cow+0x96a/0x11f0\\n      btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\\n      btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\\n      btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\\n      btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411\\n      __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030\\n      btrfs_update_delayed_inode fs/btrfs/delayed-inode.c:1114 [inline]\\n      __btrfs_commit_inode_delayed_items+0x2318/0x24a0 fs/btrfs/delayed-inode.c:1137\\n      __btrfs_run_delayed_items+0x213/0x490 fs/btrfs/delayed-inode.c:1171\\n      btrfs_commit_transaction+0x8a8/0x3740 fs/btrfs/transaction.c:2313\\n      prepare_to_relocate+0x3c4/0x4c0 fs/btrfs/relocation.c:3586\\n      relocate_block_group+0x16c/0xd40 fs/btrfs/relocation.c:3611\\n      btrfs_relocate_block_group+0x77d/0xd90 fs/btrfs/relocation.c:4081\\n      btrfs_relocate_chunk+0x12c/0x3b0 fs/btrfs/volumes.c:3377\\n      __btrfs_balance+0x1b0f/0x26b0 fs/btrfs/volumes.c:4161\\n      btrfs_balance+0xbdc/0x10c0 fs/btrfs/volumes.c:4538\\n   BTRFS error (device loop0 state EA):   Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615\\n      __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523\\n      update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512\\n      btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\\n      btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\\n      btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\\n      btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411\\n      __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030\\n      btrfs_update_delayed_i\\n---truncated---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4275ac2741941c9c7c2293619fdbacb9f70ba85b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6370db28af9a8ae3bbdfe97f8a48f8f995e144cf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6fd018aa168e472ce35be32296d109db6adb87ea\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7c4e39f9d2af4abaf82ca0e315d1fd340456620f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a6f9e7a0bf1185c9070c0de03bb85eafb9abd650\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d2b85ce0561fde894e28fa01bd5d32820d585006\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/dfb9fe7de61f34cc241ab3900bdde93341096e0e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.