CVE-2025-21742 (GCVE-0-2025-21742)

Vulnerability from cvelistv5 – Published: 2025-02-27 02:12 – Updated: 2026-05-11 21:05
VLAI
Title
usbnet: ipheth: use static NDP16 location in URB
Summary
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the `wNdpIndex` value in NTH16. Only the start position of NDP16 was checked, so it was possible for even the fixed-length part of NDP16 to extend past the end of URB, leading to an out-of-bounds read. On iOS devices, the NDP16 header always directly follows NTH16. Rely on and check for this specific format. This, along with NCM-specific minimal URB length check that already exists, will ensure that the fixed-length part of NDP16 plus a set amount of DPEs fit within the URB. Note that this commit alone does not fully address the OoB read. The limit on the amount of DPEs needs to be enforced separately.
Severity
7.1 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: a2d274c62e44b1995c170595db3865c6fe701226 , < 8fb062178e1ce180e2cfdc9abc83a1b9fea381ca (git)
Affected: a2d274c62e44b1995c170595db3865c6fe701226 , < cf1ac7f7cf601ac31d1580559c002b5e37b733b7 (git)
Affected: a2d274c62e44b1995c170595db3865c6fe701226 , < 2b619445dcb6dab97d8ed033fb57225aca1288c4 (git)
Affected: a2d274c62e44b1995c170595db3865c6fe701226 , < 86586dcb75cb8fd062a518aca8ee667938b91efb (git)
Create a notification for this product.
Linux Linux Affected: 6.5
Unaffected: 0 , < 6.5 (semver)
Unaffected: 6.6.78 , ≤ 6.6.* (semver)
Unaffected: 6.12.14 , ≤ 6.12.* (semver)
Unaffected: 6.13.3 , ≤ 6.13.* (semver)
Unaffected: 6.14 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-21742",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-01T19:31:07.424616Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-01T19:36:41.519Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/ipheth.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8fb062178e1ce180e2cfdc9abc83a1b9fea381ca",
              "status": "affected",
              "version": "a2d274c62e44b1995c170595db3865c6fe701226",
              "versionType": "git"
            },
            {
              "lessThan": "cf1ac7f7cf601ac31d1580559c002b5e37b733b7",
              "status": "affected",
              "version": "a2d274c62e44b1995c170595db3865c6fe701226",
              "versionType": "git"
            },
            {
              "lessThan": "2b619445dcb6dab97d8ed033fb57225aca1288c4",
              "status": "affected",
              "version": "a2d274c62e44b1995c170595db3865c6fe701226",
              "versionType": "git"
            },
            {
              "lessThan": "86586dcb75cb8fd062a518aca8ee667938b91efb",
              "status": "affected",
              "version": "a2d274c62e44b1995c170595db3865c6fe701226",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/ipheth.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.78",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.78",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.14",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.3",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:05:32.954Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8fb062178e1ce180e2cfdc9abc83a1b9fea381ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf1ac7f7cf601ac31d1580559c002b5e37b733b7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2b619445dcb6dab97d8ed033fb57225aca1288c4"
        },
        {
          "url": "https://git.kernel.org/stable/c/86586dcb75cb8fd062a518aca8ee667938b91efb"
        }
      ],
      "title": "usbnet: ipheth: use static NDP16 location in URB",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-21742",
    "datePublished": "2025-02-27T02:12:16.207Z",
    "dateReserved": "2024-12-29T08:45:45.757Z",
    "dateUpdated": "2026-05-11T21:05:32.954Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-21742",
      "date": "2026-06-13",
      "epss": "0.0001",
      "percentile": "0.01239"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-21742\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-27T03:15:14.830\",\"lastModified\":\"2025-10-01T20:18:23.010\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nusbnet: ipheth: use static NDP16 location in URB\\n\\nOriginal code allowed for the start of NDP16 to be anywhere within the\\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\\nNDP16 was checked, so it was possible for even the fixed-length part\\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\\nread.\\n\\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\\nand check for this specific format.\\n\\nThis, along with NCM-specific minimal URB length check that already\\nexists, will ensure that the fixed-length part of NDP16 plus a set\\namount of DPEs fit within the URB.\\n\\nNote that this commit alone does not fully address the OoB read.\\nThe limit on the amount of DPEs needs to be enforced separately.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usbnet: ipheth: usar ubicaci\u00f3n est\u00e1tica de NDP16 en URB El c\u00f3digo original permit\u00eda que el inicio de NDP16 estuviera en cualquier lugar dentro de URB seg\u00fan el valor `wNdpIndex` en NTH16. Solo se comprob\u00f3 la posici\u00f3n de inicio de NDP16, por lo que era posible que incluso la parte de longitud fija de NDP16 se extendiera m\u00e1s all\u00e1 del final de URB, lo que generaba una lectura fuera de los l\u00edmites. En los dispositivos iOS, el encabezado NDP16 siempre sigue directamente a NTH16. Conf\u00ede en este formato espec\u00edfico y compru\u00e9belo. Esto, junto con la comprobaci\u00f3n de longitud m\u00ednima de URB espec\u00edfica de NCM que ya existe, garantizar\u00e1 que la parte de longitud fija de NDP16 m\u00e1s una cantidad establecida de DPE quepan dentro de URB. Tenga en cuenta que esta confirmaci\u00f3n por s\u00ed sola no aborda por completo la lectura OoB. El l\u00edmite en la cantidad de DPE debe aplicarse por separado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.5\",\"versionEndExcluding\":\"6.6.78\",\"matchCriteriaId\":\"620D4308-FEF2-4D7F-84A9-21E66BDB5A28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.14\",\"matchCriteriaId\":\"033BB7EE-C9A2-45EA-BAC9-87BB9D951BCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.3\",\"matchCriteriaId\":\"0E92CEE3-1FC3-4AFC-A513-DEDBA7414F00\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2b619445dcb6dab97d8ed033fb57225aca1288c4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/86586dcb75cb8fd062a518aca8ee667938b91efb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8fb062178e1ce180e2cfdc9abc83a1b9fea381ca\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cf1ac7f7cf601ac31d1580559c002b5e37b733b7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-21742\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-01T19:31:07.424616Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-01T16:55:38.153Z\"}}], \"cna\": {\"title\": \"usbnet: ipheth: use static NDP16 location in URB\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"a2d274c62e44b1995c170595db3865c6fe701226\", \"lessThan\": \"8fb062178e1ce180e2cfdc9abc83a1b9fea381ca\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a2d274c62e44b1995c170595db3865c6fe701226\", \"lessThan\": \"cf1ac7f7cf601ac31d1580559c002b5e37b733b7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a2d274c62e44b1995c170595db3865c6fe701226\", \"lessThan\": \"2b619445dcb6dab97d8ed033fb57225aca1288c4\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a2d274c62e44b1995c170595db3865c6fe701226\", \"lessThan\": \"86586dcb75cb8fd062a518aca8ee667938b91efb\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/net/usb/ipheth.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"6.5\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.78\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.14\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.13.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.13.*\"}, {\"status\": \"unaffected\", \"version\": \"6.14\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/net/usb/ipheth.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/8fb062178e1ce180e2cfdc9abc83a1b9fea381ca\"}, {\"url\": \"https://git.kernel.org/stable/c/cf1ac7f7cf601ac31d1580559c002b5e37b733b7\"}, {\"url\": \"https://git.kernel.org/stable/c/2b619445dcb6dab97d8ed033fb57225aca1288c4\"}, {\"url\": \"https://git.kernel.org/stable/c/86586dcb75cb8fd062a518aca8ee667938b91efb\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nusbnet: ipheth: use static NDP16 location in URB\\n\\nOriginal code allowed for the start of NDP16 to be anywhere within the\\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\\nNDP16 was checked, so it was possible for even the fixed-length part\\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\\nread.\\n\\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\\nand check for this specific format.\\n\\nThis, along with NCM-specific minimal URB length check that already\\nexists, will ensure that the fixed-length part of NDP16 plus a set\\namount of DPEs fit within the URB.\\n\\nNote that this commit alone does not fully address the OoB read.\\nThe limit on the amount of DPEs needs to be enforced separately.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.78\", \"versionStartIncluding\": \"6.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.14\", \"versionStartIncluding\": \"6.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.13.3\", \"versionStartIncluding\": \"6.5\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.14\", \"versionStartIncluding\": \"6.5\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-11T21:05:32.954Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-21742\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-11T21:05:32.954Z\", \"dateReserved\": \"2024-12-29T08:45:45.757Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-02-27T02:12:16.207Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.