CVE-2024-53170 (GCVE-0-2024-53170)
Vulnerability from cvelistv5
Published
2024-12-27 13:49
Modified
2025-05-04 09:54
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called during scsi probe, by checking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cleared in del_gendisk by commit aec89dc5d421 ("block: keep q_usage_counter in atomic mode after del_gendisk"), hence for disk like scsi, following blk_mq_destroy_queue() will not clear flush rq from tags->rqs[] as well, cause following uaf that is found by our syzkaller for v6.6: ================================================================== BUG: KASAN: slab-use-after-free in blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261 Read of size 4 at addr ffff88811c969c20 by task kworker/1:2H/224909 CPU: 1 PID: 224909 Comm: kworker/1:2H Not tainted 6.6.0-ga836a5060850 #32 Workqueue: kblockd blk_mq_timeout_work Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106 print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364 print_report+0x3e/0x70 mm/kasan/report.c:475 kasan_report+0xb8/0xf0 mm/kasan/report.c:588 blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261 bt_iter block/blk-mq-tag.c:288 [inline] __sbitmap_for_each_set include/linux/sbitmap.h:295 [inline] sbitmap_for_each_set include/linux/sbitmap.h:316 [inline] bt_for_each+0x455/0x790 block/blk-mq-tag.c:325 blk_mq_queue_tag_busy_iter+0x320/0x740 block/blk-mq-tag.c:534 blk_mq_timeout_work+0x1a3/0x7b0 block/blk-mq.c:1673 process_one_work+0x7c4/0x1450 kernel/workqueue.c:2631 process_scheduled_works kernel/workqueue.c:2704 [inline] worker_thread+0x804/0xe40 kernel/workqueue.c:2785 kthread+0x346/0x450 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:293 Allocated by task 942: kasan_save_stack+0x22/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 ____kasan_kmalloc mm/kasan/common.c:374 [inline] __kasan_kmalloc mm/kasan/common.c:383 [inline] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:380 kasan_kmalloc include/linux/kasan.h:198 [inline] __do_kmalloc_node mm/slab_common.c:1007 [inline] __kmalloc_node+0x69/0x170 mm/slab_common.c:1014 kmalloc_node include/linux/slab.h:620 [inline] kzalloc_node include/linux/slab.h:732 [inline] blk_alloc_flush_queue+0x144/0x2f0 block/blk-flush.c:499 blk_mq_alloc_hctx+0x601/0x940 block/blk-mq.c:3788 blk_mq_alloc_and_init_hctx+0x27f/0x330 block/blk-mq.c:4261 blk_mq_realloc_hw_ctxs+0x488/0x5e0 block/blk-mq.c:4294 blk_mq_init_allocated_queue+0x188/0x860 block/blk-mq.c:4350 blk_mq_init_queue_data block/blk-mq.c:4166 [inline] blk_mq_init_queue+0x8d/0x100 block/blk-mq.c:4176 scsi_alloc_sdev+0x843/0xd50 drivers/scsi/scsi_scan.c:335 scsi_probe_and_add_lun+0x77c/0xde0 drivers/scsi/scsi_scan.c:1189 __scsi_scan_target+0x1fc/0x5a0 drivers/scsi/scsi_scan.c:1727 scsi_scan_channel drivers/scsi/scsi_scan.c:1815 [inline] scsi_scan_channel+0x14b/0x1e0 drivers/scsi/scsi_scan.c:1791 scsi_scan_host_selected+0x2fe/0x400 drivers/scsi/scsi_scan.c:1844 scsi_scan+0x3a0/0x3f0 drivers/scsi/scsi_sysfs.c:151 store_scan+0x2a/0x60 drivers/scsi/scsi_sysfs.c:191 dev_attr_store+0x5c/0x90 drivers/base/core.c:2388 sysfs_kf_write+0x11c/0x170 fs/sysfs/file.c:136 kernfs_fop_write_iter+0x3fc/0x610 fs/kernfs/file.c:338 call_write_iter include/linux/fs.h:2083 [inline] new_sync_write+0x1b4/0x2d0 fs/read_write.c:493 vfs_write+0x76c/0xb00 fs/read_write.c:586 ksys_write+0x127/0x250 fs/read_write.c:639 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x78/0xe2 Freed by task 244687: kasan_save_stack+0x22/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 kasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522 ____kasan_slab_free mm/kasan/common.c:236 [inline] __kasan_slab_free+0x12a/0x1b0 mm/kasan/common.c:244 kasan_slab_free include/linux/kasan.h:164 [in ---truncated---
References
Impacted products
Vendor Product Version
Linux Linux Version: 6cfeadbff3f8905f2854735ebb88e581402c16c4
Version: 6cfeadbff3f8905f2854735ebb88e581402c16c4
Version: 6cfeadbff3f8905f2854735ebb88e581402c16c4
Version: 6cfeadbff3f8905f2854735ebb88e581402c16c4
Version: 6cfeadbff3f8905f2854735ebb88e581402c16c4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-53170",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T17:13:13.034523Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-10T17:21:09.528Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "block/blk-sysfs.c",
            "block/genhd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1921fe7d2836f8be1d321cf430d17e0d4e05301b",
              "status": "affected",
              "version": "6cfeadbff3f8905f2854735ebb88e581402c16c4",
              "versionType": "git"
            },
            {
              "lessThan": "1364a29b71c7837770f1902c49e7a6e234d72c92",
              "status": "affected",
              "version": "6cfeadbff3f8905f2854735ebb88e581402c16c4",
              "versionType": "git"
            },
            {
              "lessThan": "a0e93b9fefafe97d596f9c98701ae6c3b04b3ff6",
              "status": "affected",
              "version": "6cfeadbff3f8905f2854735ebb88e581402c16c4",
              "versionType": "git"
            },
            {
              "lessThan": "61092568f2a9acb0e6e186f03f2e0649a4e86d09",
              "status": "affected",
              "version": "6cfeadbff3f8905f2854735ebb88e581402c16c4",
              "versionType": "git"
            },
            {
              "lessThan": "3802f73bd80766d70f319658f334754164075bc3",
              "status": "affected",
              "version": "6cfeadbff3f8905f2854735ebb88e581402c16c4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "block/blk-sysfs.c",
            "block/genhd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.127",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.74",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.11.*",
              "status": "unaffected",
              "version": "6.11.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.127",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.74",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.11.11",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.2",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix uaf for flush rq while iterating tags\n\nblk_mq_clear_flush_rq_mapping() is not called during scsi probe, by\nchecking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cleared\nin del_gendisk by commit aec89dc5d421 (\"block: keep q_usage_counter in\natomic mode after del_gendisk\"), hence for disk like scsi, following\nblk_mq_destroy_queue() will not clear flush rq from tags-\u003erqs[] as well,\ncause following uaf that is found by our syzkaller for v6.6:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261\nRead of size 4 at addr ffff88811c969c20 by task kworker/1:2H/224909\n\nCPU: 1 PID: 224909 Comm: kworker/1:2H Not tainted 6.6.0-ga836a5060850 #32\nWorkqueue: kblockd blk_mq_timeout_work\nCall Trace:\n\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\nprint_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\nprint_report+0x3e/0x70 mm/kasan/report.c:475\nkasan_report+0xb8/0xf0 mm/kasan/report.c:588\nblk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261\nbt_iter block/blk-mq-tag.c:288 [inline]\n__sbitmap_for_each_set include/linux/sbitmap.h:295 [inline]\nsbitmap_for_each_set include/linux/sbitmap.h:316 [inline]\nbt_for_each+0x455/0x790 block/blk-mq-tag.c:325\nblk_mq_queue_tag_busy_iter+0x320/0x740 block/blk-mq-tag.c:534\nblk_mq_timeout_work+0x1a3/0x7b0 block/blk-mq.c:1673\nprocess_one_work+0x7c4/0x1450 kernel/workqueue.c:2631\nprocess_scheduled_works kernel/workqueue.c:2704 [inline]\nworker_thread+0x804/0xe40 kernel/workqueue.c:2785\nkthread+0x346/0x450 kernel/kthread.c:388\nret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\nret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:293\n\nAllocated by task 942:\nkasan_save_stack+0x22/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n____kasan_kmalloc mm/kasan/common.c:374 [inline]\n__kasan_kmalloc mm/kasan/common.c:383 [inline]\n__kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:380\nkasan_kmalloc include/linux/kasan.h:198 [inline]\n__do_kmalloc_node mm/slab_common.c:1007 [inline]\n__kmalloc_node+0x69/0x170 mm/slab_common.c:1014\nkmalloc_node include/linux/slab.h:620 [inline]\nkzalloc_node include/linux/slab.h:732 [inline]\nblk_alloc_flush_queue+0x144/0x2f0 block/blk-flush.c:499\nblk_mq_alloc_hctx+0x601/0x940 block/blk-mq.c:3788\nblk_mq_alloc_and_init_hctx+0x27f/0x330 block/blk-mq.c:4261\nblk_mq_realloc_hw_ctxs+0x488/0x5e0 block/blk-mq.c:4294\nblk_mq_init_allocated_queue+0x188/0x860 block/blk-mq.c:4350\nblk_mq_init_queue_data block/blk-mq.c:4166 [inline]\nblk_mq_init_queue+0x8d/0x100 block/blk-mq.c:4176\nscsi_alloc_sdev+0x843/0xd50 drivers/scsi/scsi_scan.c:335\nscsi_probe_and_add_lun+0x77c/0xde0 drivers/scsi/scsi_scan.c:1189\n__scsi_scan_target+0x1fc/0x5a0 drivers/scsi/scsi_scan.c:1727\nscsi_scan_channel drivers/scsi/scsi_scan.c:1815 [inline]\nscsi_scan_channel+0x14b/0x1e0 drivers/scsi/scsi_scan.c:1791\nscsi_scan_host_selected+0x2fe/0x400 drivers/scsi/scsi_scan.c:1844\nscsi_scan+0x3a0/0x3f0 drivers/scsi/scsi_sysfs.c:151\nstore_scan+0x2a/0x60 drivers/scsi/scsi_sysfs.c:191\ndev_attr_store+0x5c/0x90 drivers/base/core.c:2388\nsysfs_kf_write+0x11c/0x170 fs/sysfs/file.c:136\nkernfs_fop_write_iter+0x3fc/0x610 fs/kernfs/file.c:338\ncall_write_iter include/linux/fs.h:2083 [inline]\nnew_sync_write+0x1b4/0x2d0 fs/read_write.c:493\nvfs_write+0x76c/0xb00 fs/read_write.c:586\nksys_write+0x127/0x250 fs/read_write.c:639\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\nentry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nFreed by task 244687:\nkasan_save_stack+0x22/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\nkasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522\n____kasan_slab_free mm/kasan/common.c:236 [inline]\n__kasan_slab_free+0x12a/0x1b0 mm/kasan/common.c:244\nkasan_slab_free include/linux/kasan.h:164 [in\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:54:49.212Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1921fe7d2836f8be1d321cf430d17e0d4e05301b"
        },
        {
          "url": "https://git.kernel.org/stable/c/1364a29b71c7837770f1902c49e7a6e234d72c92"
        },
        {
          "url": "https://git.kernel.org/stable/c/a0e93b9fefafe97d596f9c98701ae6c3b04b3ff6"
        },
        {
          "url": "https://git.kernel.org/stable/c/61092568f2a9acb0e6e186f03f2e0649a4e86d09"
        },
        {
          "url": "https://git.kernel.org/stable/c/3802f73bd80766d70f319658f334754164075bc3"
        }
      ],
      "title": "block: fix uaf for flush rq while iterating tags",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-53170",
    "datePublished": "2024-12-27T13:49:15.712Z",
    "dateReserved": "2024-11-19T17:17:25.006Z",
    "dateUpdated": "2025-05-04T09:54:49.212Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-53170\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-27T14:15:24.183\",\"lastModified\":\"2025-02-10T18:15:27.237\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nblock: fix uaf for flush rq while iterating tags\\n\\nblk_mq_clear_flush_rq_mapping() is not called during scsi probe, by\\nchecking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cleared\\nin del_gendisk by commit aec89dc5d421 (\\\"block: keep q_usage_counter in\\natomic mode after del_gendisk\\\"), hence for disk like scsi, following\\nblk_mq_destroy_queue() will not clear flush rq from tags-\u003erqs[] as well,\\ncause following uaf that is found by our syzkaller for v6.6:\\n\\n==================================================================\\nBUG: KASAN: slab-use-after-free in blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261\\nRead of size 4 at addr ffff88811c969c20 by task kworker/1:2H/224909\\n\\nCPU: 1 PID: 224909 Comm: kworker/1:2H Not tainted 6.6.0-ga836a5060850 #32\\nWorkqueue: kblockd blk_mq_timeout_work\\nCall Trace:\\n\\n__dump_stack lib/dump_stack.c:88 [inline]\\ndump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\\nprint_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\\nprint_report+0x3e/0x70 mm/kasan/report.c:475\\nkasan_report+0xb8/0xf0 mm/kasan/report.c:588\\nblk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261\\nbt_iter block/blk-mq-tag.c:288 [inline]\\n__sbitmap_for_each_set include/linux/sbitmap.h:295 [inline]\\nsbitmap_for_each_set include/linux/sbitmap.h:316 [inline]\\nbt_for_each+0x455/0x790 block/blk-mq-tag.c:325\\nblk_mq_queue_tag_busy_iter+0x320/0x740 block/blk-mq-tag.c:534\\nblk_mq_timeout_work+0x1a3/0x7b0 block/blk-mq.c:1673\\nprocess_one_work+0x7c4/0x1450 kernel/workqueue.c:2631\\nprocess_scheduled_works kernel/workqueue.c:2704 [inline]\\nworker_thread+0x804/0xe40 kernel/workqueue.c:2785\\nkthread+0x346/0x450 kernel/kthread.c:388\\nret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\\nret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:293\\n\\nAllocated by task 942:\\nkasan_save_stack+0x22/0x50 mm/kasan/common.c:45\\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\\n____kasan_kmalloc mm/kasan/common.c:374 [inline]\\n__kasan_kmalloc mm/kasan/common.c:383 [inline]\\n__kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:380\\nkasan_kmalloc include/linux/kasan.h:198 [inline]\\n__do_kmalloc_node mm/slab_common.c:1007 [inline]\\n__kmalloc_node+0x69/0x170 mm/slab_common.c:1014\\nkmalloc_node include/linux/slab.h:620 [inline]\\nkzalloc_node include/linux/slab.h:732 [inline]\\nblk_alloc_flush_queue+0x144/0x2f0 block/blk-flush.c:499\\nblk_mq_alloc_hctx+0x601/0x940 block/blk-mq.c:3788\\nblk_mq_alloc_and_init_hctx+0x27f/0x330 block/blk-mq.c:4261\\nblk_mq_realloc_hw_ctxs+0x488/0x5e0 block/blk-mq.c:4294\\nblk_mq_init_allocated_queue+0x188/0x860 block/blk-mq.c:4350\\nblk_mq_init_queue_data block/blk-mq.c:4166 [inline]\\nblk_mq_init_queue+0x8d/0x100 block/blk-mq.c:4176\\nscsi_alloc_sdev+0x843/0xd50 drivers/scsi/scsi_scan.c:335\\nscsi_probe_and_add_lun+0x77c/0xde0 drivers/scsi/scsi_scan.c:1189\\n__scsi_scan_target+0x1fc/0x5a0 drivers/scsi/scsi_scan.c:1727\\nscsi_scan_channel drivers/scsi/scsi_scan.c:1815 [inline]\\nscsi_scan_channel+0x14b/0x1e0 drivers/scsi/scsi_scan.c:1791\\nscsi_scan_host_selected+0x2fe/0x400 drivers/scsi/scsi_scan.c:1844\\nscsi_scan+0x3a0/0x3f0 drivers/scsi/scsi_sysfs.c:151\\nstore_scan+0x2a/0x60 drivers/scsi/scsi_sysfs.c:191\\ndev_attr_store+0x5c/0x90 drivers/base/core.c:2388\\nsysfs_kf_write+0x11c/0x170 fs/sysfs/file.c:136\\nkernfs_fop_write_iter+0x3fc/0x610 fs/kernfs/file.c:338\\ncall_write_iter include/linux/fs.h:2083 [inline]\\nnew_sync_write+0x1b4/0x2d0 fs/read_write.c:493\\nvfs_write+0x76c/0xb00 fs/read_write.c:586\\nksys_write+0x127/0x250 fs/read_write.c:639\\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\\ndo_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\\nentry_SYSCALL_64_after_hwframe+0x78/0xe2\\n\\nFreed by task 244687:\\nkasan_save_stack+0x22/0x50 mm/kasan/common.c:45\\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\\nkasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522\\n____kasan_slab_free mm/kasan/common.c:236 [inline]\\n__kasan_slab_free+0x12a/0x1b0 mm/kasan/common.c:244\\nkasan_slab_free include/linux/kasan.h:164 [in\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: corregir uaf para flush rq mientras se itera etiquetas blk_mq_clear_flush_rq_mapping() no se llama durante la sonda scsi, al verificar blk_queue_init_done(). Sin embargo, QUEUE_FLAG_INIT_DONE se borra en del_gendisk por el commit aec89dc5d421 (\\\"bloque: mantener q_usage_counter en modo at\u00f3mico despu\u00e9s de del_gendisk\\\"), por lo tanto, para discos como scsi, seguir blk_mq_destroy_queue() tampoco borrar\u00e1 el flush rq de tags-\u0026gt;rqs[], debido al siguiente uaf que nuestro syzkaller encuentra para v6.6: ===================================================================== ERROR: KASAN: slab-use-after-free en blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261 Lectura de tama\u00f1o 4 en la direcci\u00f3n ffff88811c969c20 por la tarea kworker/1:2H/224909 CPU: 1 PID: 224909 Comm: kworker/1:2H No contaminado 6.6.0-ga836a5060850 #32 Cola de trabajo: kblockd blk_mq_timeout_work Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106 print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364 print_report+0x3e/0x70 mm/kasan/report.c:475 kasan_report+0xb8/0xf0 mm/kasan/report.c:588 blk_mq_find_and_get_req+0x16e/0x1a0 bloque/blk-mq-tag.c:261 bt_iter bloque/blk-mq-tag.c:288 [en l\u00ednea] __sbitmap_for_each_set include/linux/sbitmap.h:295 [en l\u00ednea] sbitmap_for_each_set include/linux/sbitmap.h:316 [en l\u00ednea] bt_for_each+0x455/0x790 bloque/blk-mq-tag.c:325 blk_mq_queue_tag_busy_iter+0x320/0x740 bloque/blk-mq-tag.c:534 blk_mq_timeout_work+0x1a3/0x7b0 bloque/blk-mq.c:1673 proceso_uno_trabajo+0x7c4/0x1450 kernel/workqueue.c:2631 proceso_trabajos_programados kernel/workqueue.c:2704 [en l\u00ednea] subproceso_trabajador+0x804/0xe40 kernel/workqueue.c:2785 subproceso_k+0x346/0x450 kernel/kthread.c:388 ret_de_bifurcaci\u00f3n+0x4d/0x80 arch/x86/kernel/process.c:147 ret_de_bifurcaci\u00f3n_asm+0x1b/0x30 arch/x86/entry/entry_64.S:293 Asignado por la tarea 942: pila_guardada_kasan+0x22/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 ____kasan_kmalloc mm/kasan/common.c:374 [en l\u00ednea] __kasan_kmalloc mm/kasan/common.c:383 [en l\u00ednea] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:380 kasan_kmalloc include/linux/kasan.h:198 [en l\u00ednea] __do_kmalloc_node mm/slab_common.c:1007 [en l\u00ednea] __kmalloc_node+0x69/0x170 mm/slab_common.c:1014 kmalloc_node include/linux/slab.h:620 [en l\u00ednea] kzalloc_node include/linux/slab.h:732 [en l\u00ednea] blk_alloc_flush_queue+0x144/0x2f0 bloque/blk-flush.c:499 blk_mq_alloc_hctx+0x601/0x940 bloque/blk-mq.c:3788 blk_mq_alloc_and_init_hctx+0x27f/0x330 bloque/blk-mq.c:4261 blk_mq_realloc_hw_ctxs+0x488/0x5e0 bloque/blk-mq.c:4294 blk_mq_init_allocated_queue+0x188/0x860 bloque/blk-mq.c:4350 blk_mq_init_queue_data bloque/blk-mq.c:4166 [en l\u00ednea] blk_mq_init_queue+0x8d/0x100 block/blk-mq.c:4176 scsi_alloc_sdev+0x843/0xd50 drivers/scsi/scsi_scan.c:335 scsi_probe_and_add_lun+0x77c/0xde0 drivers/scsi/scsi_scan.c:1189 __scsi_scan_target+0x1fc/0x5a0 drivers/scsi/scsi_scan.c:1727 scsi_scan_channel drivers/scsi/scsi_scan.c:1815 [en l\u00ednea] scsi_scan_channel+0x14b/0x1e0 drivers/scsi/scsi_scan.c:1791 scsi_scan_host_selected+0x2fe/0x400 drivers/scsi/scsi_scan.c:1844 scsi_scan+0x3a0/0x3f0 drivers/scsi/scsi_sysfs.c:151 store_scan+0x2a/0x60 drivers/scsi/scsi_sysfs.c:191 dev_attr_store+0x5c/0x90 drivers/base/core.c:2388 sysfs_kf_write+0x11c/0x170 fs/sysfs/file.c:136 kernfs_fop_write_iter+0x3fc/0x610 fs/kernfs/file.c:338 call_write_iter include/linux/fs.h:2083 [en l\u00ednea] new_sync_write+0x1b4/0x2d0 fs/read_write.c:493 vfs_write+0x76c/0xb00 fs/read_write.c:586 ksys_write+0x127/0x250 fs/read_write.c:639 do_syscall_x64 arch/x86/entry/common.c:51 [en l\u00ednea] do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x78/0xe2 Liberado por la tarea 244687: kasan_save_stack+0x22/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 kasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522 ____kasan_slab_free mm/kasan/common.c:236 --truncado---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.19\",\"versionEndExcluding\":\"6.11.11\",\"matchCriteriaId\":\"A482F6D5-4DB0-4611-AF23-1D568CE9F2BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.12\",\"versionEndExcluding\":\"6.12.2\",\"matchCriteriaId\":\"D8882B1B-2ABC-4838-AC1D-DBDBB5764776\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1364a29b71c7837770f1902c49e7a6e234d72c92\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1921fe7d2836f8be1d321cf430d17e0d4e05301b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/3802f73bd80766d70f319658f334754164075bc3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/61092568f2a9acb0e6e186f03f2e0649a4e86d09\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a0e93b9fefafe97d596f9c98701ae6c3b04b3ff6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-53170\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T17:13:13.034523Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T17:13:14.388Z\"}}], \"cna\": {\"title\": \"block: fix uaf for flush rq while iterating tags\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6cfeadbff3f8905f2854735ebb88e581402c16c4\", \"lessThan\": \"1921fe7d2836f8be1d321cf430d17e0d4e05301b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"6cfeadbff3f8905f2854735ebb88e581402c16c4\", \"lessThan\": \"1364a29b71c7837770f1902c49e7a6e234d72c92\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"6cfeadbff3f8905f2854735ebb88e581402c16c4\", \"lessThan\": \"a0e93b9fefafe97d596f9c98701ae6c3b04b3ff6\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"6cfeadbff3f8905f2854735ebb88e581402c16c4\", \"lessThan\": \"61092568f2a9acb0e6e186f03f2e0649a4e86d09\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"6cfeadbff3f8905f2854735ebb88e581402c16c4\", \"lessThan\": \"3802f73bd80766d70f319658f334754164075bc3\", \"versionType\": \"git\"}], \"programFiles\": [\"block/blk-sysfs.c\", \"block/genhd.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.19\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.19\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.1.127\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.74\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.11.11\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.11.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.2\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"block/blk-sysfs.c\", \"block/genhd.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/1921fe7d2836f8be1d321cf430d17e0d4e05301b\"}, {\"url\": \"https://git.kernel.org/stable/c/1364a29b71c7837770f1902c49e7a6e234d72c92\"}, {\"url\": \"https://git.kernel.org/stable/c/a0e93b9fefafe97d596f9c98701ae6c3b04b3ff6\"}, {\"url\": \"https://git.kernel.org/stable/c/61092568f2a9acb0e6e186f03f2e0649a4e86d09\"}, {\"url\": \"https://git.kernel.org/stable/c/3802f73bd80766d70f319658f334754164075bc3\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nblock: fix uaf for flush rq while iterating tags\\n\\nblk_mq_clear_flush_rq_mapping() is not called during scsi probe, by\\nchecking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cleared\\nin del_gendisk by commit aec89dc5d421 (\\\"block: keep q_usage_counter in\\natomic mode after del_gendisk\\\"), hence for disk like scsi, following\\nblk_mq_destroy_queue() will not clear flush rq from tags-\u003erqs[] as well,\\ncause following uaf that is found by our syzkaller for v6.6:\\n\\n==================================================================\\nBUG: KASAN: slab-use-after-free in blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261\\nRead of size 4 at addr ffff88811c969c20 by task kworker/1:2H/224909\\n\\nCPU: 1 PID: 224909 Comm: kworker/1:2H Not tainted 6.6.0-ga836a5060850 #32\\nWorkqueue: kblockd blk_mq_timeout_work\\nCall Trace:\\n\\n__dump_stack lib/dump_stack.c:88 [inline]\\ndump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\\nprint_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\\nprint_report+0x3e/0x70 mm/kasan/report.c:475\\nkasan_report+0xb8/0xf0 mm/kasan/report.c:588\\nblk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261\\nbt_iter block/blk-mq-tag.c:288 [inline]\\n__sbitmap_for_each_set include/linux/sbitmap.h:295 [inline]\\nsbitmap_for_each_set include/linux/sbitmap.h:316 [inline]\\nbt_for_each+0x455/0x790 block/blk-mq-tag.c:325\\nblk_mq_queue_tag_busy_iter+0x320/0x740 block/blk-mq-tag.c:534\\nblk_mq_timeout_work+0x1a3/0x7b0 block/blk-mq.c:1673\\nprocess_one_work+0x7c4/0x1450 kernel/workqueue.c:2631\\nprocess_scheduled_works kernel/workqueue.c:2704 [inline]\\nworker_thread+0x804/0xe40 kernel/workqueue.c:2785\\nkthread+0x346/0x450 kernel/kthread.c:388\\nret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\\nret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:293\\n\\nAllocated by task 942:\\nkasan_save_stack+0x22/0x50 mm/kasan/common.c:45\\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\\n____kasan_kmalloc mm/kasan/common.c:374 [inline]\\n__kasan_kmalloc mm/kasan/common.c:383 [inline]\\n__kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:380\\nkasan_kmalloc include/linux/kasan.h:198 [inline]\\n__do_kmalloc_node mm/slab_common.c:1007 [inline]\\n__kmalloc_node+0x69/0x170 mm/slab_common.c:1014\\nkmalloc_node include/linux/slab.h:620 [inline]\\nkzalloc_node include/linux/slab.h:732 [inline]\\nblk_alloc_flush_queue+0x144/0x2f0 block/blk-flush.c:499\\nblk_mq_alloc_hctx+0x601/0x940 block/blk-mq.c:3788\\nblk_mq_alloc_and_init_hctx+0x27f/0x330 block/blk-mq.c:4261\\nblk_mq_realloc_hw_ctxs+0x488/0x5e0 block/blk-mq.c:4294\\nblk_mq_init_allocated_queue+0x188/0x860 block/blk-mq.c:4350\\nblk_mq_init_queue_data block/blk-mq.c:4166 [inline]\\nblk_mq_init_queue+0x8d/0x100 block/blk-mq.c:4176\\nscsi_alloc_sdev+0x843/0xd50 drivers/scsi/scsi_scan.c:335\\nscsi_probe_and_add_lun+0x77c/0xde0 drivers/scsi/scsi_scan.c:1189\\n__scsi_scan_target+0x1fc/0x5a0 drivers/scsi/scsi_scan.c:1727\\nscsi_scan_channel drivers/scsi/scsi_scan.c:1815 [inline]\\nscsi_scan_channel+0x14b/0x1e0 drivers/scsi/scsi_scan.c:1791\\nscsi_scan_host_selected+0x2fe/0x400 drivers/scsi/scsi_scan.c:1844\\nscsi_scan+0x3a0/0x3f0 drivers/scsi/scsi_sysfs.c:151\\nstore_scan+0x2a/0x60 drivers/scsi/scsi_sysfs.c:191\\ndev_attr_store+0x5c/0x90 drivers/base/core.c:2388\\nsysfs_kf_write+0x11c/0x170 fs/sysfs/file.c:136\\nkernfs_fop_write_iter+0x3fc/0x610 fs/kernfs/file.c:338\\ncall_write_iter include/linux/fs.h:2083 [inline]\\nnew_sync_write+0x1b4/0x2d0 fs/read_write.c:493\\nvfs_write+0x76c/0xb00 fs/read_write.c:586\\nksys_write+0x127/0x250 fs/read_write.c:639\\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\\ndo_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\\nentry_SYSCALL_64_after_hwframe+0x78/0xe2\\n\\nFreed by task 244687:\\nkasan_save_stack+0x22/0x50 mm/kasan/common.c:45\\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\\nkasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522\\n____kasan_slab_free mm/kasan/common.c:236 [inline]\\n__kasan_slab_free+0x12a/0x1b0 mm/kasan/common.c:244\\nkasan_slab_free include/linux/kasan.h:164 [in\\n---truncated---\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.127\", \"versionStartIncluding\": \"5.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.74\", \"versionStartIncluding\": \"5.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.11.11\", \"versionStartIncluding\": \"5.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.2\", \"versionStartIncluding\": \"5.19\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.13\", \"versionStartIncluding\": \"5.19\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T09:54:49.212Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-53170\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T09:54:49.212Z\", \"dateReserved\": \"2024-11-19T17:17:25.006Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-12-27T13:49:15.712Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.