cve-2022-48855
Vulnerability from cvelistv5
Published
2024-07-16 12:25
Modified
2024-11-04 12:17
Severity ?
EPSS score ?
Summary
sctp: fix kernel-infoleak for SCTP sockets
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:25:52.411711Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:08.096Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sctp/diag.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "3fc0fd724d19",
"status": "affected",
"version": "8f840e47f190",
"versionType": "git"
},
{
"lessThan": "41a2864cf719",
"status": "affected",
"version": "8f840e47f190",
"versionType": "git"
},
{
"lessThan": "2d8fa3fdf454",
"status": "affected",
"version": "8f840e47f190",
"versionType": "git"
},
{
"lessThan": "bbf59d7ae558",
"status": "affected",
"version": "8f840e47f190",
"versionType": "git"
},
{
"lessThan": "b7e4d9ba2ddb",
"status": "affected",
"version": "8f840e47f190",
"versionType": "git"
},
{
"lessThan": "1502f15b9f29",
"status": "affected",
"version": "8f840e47f190",
"versionType": "git"
},
{
"lessThan": "d828b0fe6631",
"status": "affected",
"version": "8f840e47f190",
"versionType": "git"
},
{
"lessThan": "633593a80898",
"status": "affected",
"version": "8f840e47f190",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sctp/diag.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.7"
},
{
"lessThan": "4.7",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.307",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.272",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.235",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.185",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.106",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.29",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.15",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix kernel-infoleak for SCTP sockets\n\nsyzbot reported a kernel infoleak [1] of 4 bytes.\n\nAfter analysis, it turned out r-\u003eidiag_expires is not initialized\nif inet_sctp_diag_fill() calls inet_diag_msg_common_fill()\n\nMake sure to clear idiag_timer/idiag_retrans/idiag_expires\nand let inet_diag_msg_sctpasoc_fill() fill them again if needed.\n\n[1]\n\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\n copyout lib/iov_iter.c:154 [inline]\n _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\n copy_to_iter include/linux/uio.h:162 [inline]\n simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\n __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425\n skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\n skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline]\n netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n __sys_recvfrom+0x795/0xa10 net/socket.c:2097\n __do_sys_recvfrom net/socket.c:2115 [inline]\n __se_sys_recvfrom net/socket.c:2111 [inline]\n __x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3247 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1158 [inline]\n netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248\n __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373\n netlink_dump_start include/linux/netlink.h:254 [inline]\n inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341\n sock_diag_rcv_msg+0x24a/0x620\n netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494\n sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277\n netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]\n netlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343\n netlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919\n sock_sendmsg_nosec net/socket.c:705 [inline]\n sock_sendmsg net/socket.c:725 [inline]\n sock_write_iter+0x594/0x690 net/socket.c:1061\n do_iter_readv_writev+0xa7f/0xc70\n do_iter_write+0x52c/0x1500 fs/read_write.c:851\n vfs_writev fs/read_write.c:924 [inline]\n do_writev+0x645/0xe00 fs/read_write.c:967\n __do_sys_writev fs/read_write.c:1040 [inline]\n __se_sys_writev fs/read_write.c:1037 [inline]\n __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nBytes 68-71 of 2508 are uninitialized\nMemory access of size 2508 starts at ffff888114f9b000\nData copied to user address 00007f7fe09ff2e0\n\nCPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011"
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T12:17:54.055Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7"
},
{
"url": "https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8"
},
{
"url": "https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5"
},
{
"url": "https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8"
},
{
"url": "https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545"
},
{
"url": "https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83"
},
{
"url": "https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08"
},
{
"url": "https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c"
}
],
"title": "sctp: fix kernel-infoleak for SCTP sockets",
"x_generator": {
"engine": "bippy-9e1c9544281a"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48855",
"datePublished": "2024-07-16T12:25:21.145Z",
"dateReserved": "2024-07-16T11:38:08.918Z",
"dateUpdated": "2024-11-04T12:17:54.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-48855\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-16T13:15:12.550\",\"lastModified\":\"2024-11-21T07:34:13.223\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsctp: fix kernel-infoleak for SCTP sockets\\n\\nsyzbot reported a kernel infoleak [1] of 4 bytes.\\n\\nAfter analysis, it turned out r-\u003eidiag_expires is not initialized\\nif inet_sctp_diag_fill() calls inet_diag_msg_common_fill()\\n\\nMake sure to clear idiag_timer/idiag_retrans/idiag_expires\\nand let inet_diag_msg_sctpasoc_fill() fill them again if needed.\\n\\n[1]\\n\\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]\\nBUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]\\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\\n copyout lib/iov_iter.c:154 [inline]\\n _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668\\n copy_to_iter include/linux/uio.h:162 [inline]\\n simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519\\n __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425\\n skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533\\n skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline]\\n netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977\\n sock_recvmsg_nosec net/socket.c:948 [inline]\\n sock_recvmsg net/socket.c:966 [inline]\\n __sys_recvfrom+0x795/0xa10 net/socket.c:2097\\n __do_sys_recvfrom net/socket.c:2115 [inline]\\n __se_sys_recvfrom net/socket.c:2111 [inline]\\n __x64_sys_recvfrom+0x19d/0x210 net/socket.c:2111\\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\\n entry_SYSCALL_64_after_hwframe+0x44/0xae\\n\\nUninit was created at:\\n slab_post_alloc_hook mm/slab.h:737 [inline]\\n slab_alloc_node mm/slub.c:3247 [inline]\\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975\\n kmalloc_reserve net/core/skbuff.c:354 [inline]\\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\\n alloc_skb include/linux/skbuff.h:1158 [inline]\\n netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248\\n __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373\\n netlink_dump_start include/linux/netlink.h:254 [inline]\\n inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341\\n sock_diag_rcv_msg+0x24a/0x620\\n netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494\\n sock_diag_rcv+0x63/0x80 net/core/sock_diag.c:277\\n netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]\\n netlink_unicast+0x1093/0x1360 net/netlink/af_netlink.c:1343\\n netlink_sendmsg+0x14d9/0x1720 net/netlink/af_netlink.c:1919\\n sock_sendmsg_nosec net/socket.c:705 [inline]\\n sock_sendmsg net/socket.c:725 [inline]\\n sock_write_iter+0x594/0x690 net/socket.c:1061\\n do_iter_readv_writev+0xa7f/0xc70\\n do_iter_write+0x52c/0x1500 fs/read_write.c:851\\n vfs_writev fs/read_write.c:924 [inline]\\n do_writev+0x645/0xe00 fs/read_write.c:967\\n __do_sys_writev fs/read_write.c:1040 [inline]\\n __se_sys_writev fs/read_write.c:1037 [inline]\\n __x64_sys_writev+0xe5/0x120 fs/read_write.c:1037\\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\\n do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82\\n entry_SYSCALL_64_after_hwframe+0x44/0xae\\n\\nBytes 68-71 of 2508 are uninitialized\\nMemory access of size 2508 starts at ffff888114f9b000\\nData copied to user address 00007f7fe09ff2e0\\n\\nCPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: sctp: corrige la fuga de informaci\u00f3n del kernel para sockets SCTP syzbot inform\u00f3 una fuga de informaci\u00f3n del kernel [1] de 4 bytes. Despu\u00e9s del an\u00e1lisis, result\u00f3 que r-\u0026gt;idiag_expires no se inicializa si inet_sctp_diag_fill() llama a inet_diag_msg_common_fill(). Aseg\u00farese de borrar idiag_timer/idiag_retrans/idiag_expires y deje que inet_diag_msg_sctpasoc_fill() los complete nuevamente si es necesario. [1] ERROR: KMSAN: kernel-infoleak en instrument_copy_to_user include/linux/instrumented.h:121 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak en copia lib/iov_iter.c:154 [en l\u00ednea] ERROR: KMSAN: kernel-infoleak en _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 instrument_copy_to_user include/linux/instrumented.h:121 [en l\u00ednea] copia lib/iov_iter.c:154 [en l\u00ednea] _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 copy_to_iter include/linux/uio.h:162 [en l\u00ednea] simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519 __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425 skb_copy_datagram_iter+0xdc/0x270 net/core/datagram .c:533 skb_copy_datagram_msg include/linux/skbuff.h:3696 [en l\u00ednea] netlink_recvmsg+0x669/0x1c80 net/netlink/af_netlink.c:1977 sock_recvmsg_nosec net/socket.c:948 [en l\u00ednea] sock_recvmsg net/socket.c:966 [en l\u00ednea] __sys_recvfrom+0x795/0xa10 net/socket.c:2097 __do_sys_recvfrom net/socket.c:2115 [en l\u00ednea] __se_sys_recvfrom net/socket.c:2111 [en l\u00ednea] __x64_sys_recvfrom+0x19d/0x210 net/socket.c: 2111 hacer_syscall_x64 arch/x86/entry/common.c:51 [en l\u00ednea] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 Entry_SYSCALL_64_after_hwframe+0x44/0xae Uninit se cre\u00f3 en: slab_post_alloc_hook mm/slab.h:737 [en l\u00ednea ] slab_alloc_node mm/slub.c:3247 [en l\u00ednea] __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975 kmalloc_reserve net/core/skbuff.c:354 [en l\u00ednea] __alloc_skb+0x545/0xf90 net/core/skbuff.c: 426 alloc_skb include/linux/skbuff.h:1158 [en l\u00ednea] netlink_dump+0x3e5/0x16c0 net/netlink/af_netlink.c:2248 __netlink_dump_start+0xcf8/0xe90 net/netlink/af_netlink.c:2373 netlink_dump_start include/linux/netlink.h :254 [en l\u00ednea] inet_diag_handler_cmd+0x2e7/0x400 net/ipv4/inet_diag.c:1341 sock_diag_rcv_msg+0x24a/0x620 netlink_rcv_skb+0x40c/0x7e0 net/netlink/af_netlink.c:2494 sock_diag_rcv+0x63/ 0x80 net/core/sock_diag.c : 277 netlink_unicast_kernel net/netlink/af_netlink.c: 1317 [en l\u00ednea] netlink_unicast+0x1093/0x1360 netlink/af_netlink.c: 1343 netlink_sendmsg+0x14d9/0x1720 net/netlink/socks OCKE.C: 705 [en l\u00ednea] sock_sendmsg net/socket.c:725 [en l\u00ednea] sock_write_iter+0x594/0x690 net/socket.c:1061 do_iter_readv_writev+0xa7f/0xc70 do_iter_write+0x52c/0x1500 fs/read_write.c:851 vfs_writev fs/read_ escribir.c :924 [en l\u00ednea] do_writev+0x645/0xe00 fs/read_write.c:967 __do_sys_writev fs/read_write.c:1040 [en l\u00ednea] __se_sys_writev fs/read_write.c:1037 [en l\u00ednea] __x64_sys_writev+0xe5/0x120 fs/read_write.c: 1037 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 Entry_SYSCALL_64_after_hwframe+0x44/0xae Los bytes 68-71 de 2508 no est\u00e1n inicializados Acceso a memoria de tama\u00f1o 2508 comienza en ffff888114f9b000 Datos copiados a la direcci\u00f3n de usuario 00007f7fe09ff2e0 CPU: 1 PID: 3478 Comm: syz-executor306 Not tainted 5.17.0-rc4-syzkaller #0 Nombre de hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.7\",\"versionEndExcluding\":\"4.9.307\",\"matchCriteriaId\":\"67BCFB82-DA50-41CF-8E7E-3853D6A41F6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.272\",\"matchCriteriaId\":\"7F0FA2C5-4E50-48A6-9D72-7C133B60EF05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.235\",\"matchCriteriaId\":\"F8671D74-E8CD-4E41-A93F-3E3E88125D16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.185\",\"matchCriteriaId\":\"B374BFBF-C879-4A72-921F-C850CF7DFB99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.106\",\"matchCriteriaId\":\"6A4F38AC-99A2-48DF-B132-C9F785B309B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.29\",\"matchCriteriaId\":\"15DC6588-B28F-4637-9A1E-3753B34A40CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.16.15\",\"matchCriteriaId\":\"83FDEDF2-0E19-4879-91FD-171E66D1B335\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1502f15b9f29c41883a6139f2923523873282a83\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2d8fa3fdf4542a2174a72d92018f488d65d848c5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3fc0fd724d199e061432b66a8d85b7d48fe485f7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/41a2864cf719c17294f417726edd411643462ab8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/633593a808980f82d251d0ca89730d8bb8b0220c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b7e4d9ba2ddb78801488b4c623875b81fb46b545\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bbf59d7ae558940cfa2b36a287fd1e88d83f89f8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d828b0fe6631f3ae8709ac9a10c77c5836c76a08\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.