CVE-2026-23035 (GCVE-0-2026-23035)

Vulnerability from cvelistv5 – Published: 2026-01-31 11:42 – Updated: 2026-05-11 21:58
VLAI
Title
net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv
Summary
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails. Pass netdev to mlx5e_destroy_netdev() to guarantee it will work on a valid netdev. On mlx5e_remove: Check validity of priv->profile, before attempting to cleanup any resources that might be not there. This fixes a kernel oops in mlx5e_remove when switchdev mode fails due to change profile failure. $ devlink dev eswitch set pci/0000:00:03.0 mode switchdev Error: mlx5_core: Failed setting eswitch to offloads. dmesg: workqueue: Failed to create a rescuer kthread for wq "mlx5e": -EINTR mlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12 mlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: new profile init failed, -12 workqueue: Failed to create a rescuer kthread for wq "mlx5e": -EINTR mlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12 mlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12 $ devlink dev reload pci/0000:00:03.0 ==> oops BUG: kernel NULL pointer dereference, address: 0000000000000370 PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP NOPTI CPU: 15 UID: 0 PID: 520 Comm: devlink Not tainted 6.18.0-rc5+ #115 PREEMPT(voluntary) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 RIP: 0010:mlx5e_dcbnl_dscp_app+0x23/0x100 RSP: 0018:ffffc9000083f8b8 EFLAGS: 00010286 RAX: ffff8881126fc380 RBX: ffff8881015ac400 RCX: ffffffff826ffc45 RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8881035109c0 RBP: ffff8881035109c0 R08: ffff888101e3e838 R09: ffff888100264e10 R10: ffffc9000083f898 R11: ffffc9000083f8a0 R12: ffff888101b921a0 R13: ffff888101b921a0 R14: ffff8881015ac9a0 R15: ffff8881015ac400 FS: 00007f789a3c8740(0000) GS:ffff88856aa59000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000370 CR3: 000000010b6c0001 CR4: 0000000000370ef0 Call Trace: <TASK> mlx5e_remove+0x57/0x110 device_release_driver_internal+0x19c/0x200 bus_remove_device+0xc6/0x130 device_del+0x160/0x3d0 ? devl_param_driverinit_value_get+0x2d/0x90 mlx5_detach_device+0x89/0xe0 mlx5_unload_one_devl_locked+0x3a/0x70 mlx5_devlink_reload_down+0xc8/0x220 devlink_reload+0x7d/0x260 devlink_nl_reload_doit+0x45b/0x5a0 genl_family_rcv_msg_doit+0xe8/0x140
Severity
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: c4d7eb57687f358cd498ea3624519236af8db97e , < a7625bacaa8c8c2bfcde6dd6d1397bd63ad82b02 (git)
Affected: c4d7eb57687f358cd498ea3624519236af8db97e , < 66a25f6b7c0bfd84e6d27b536f5d24116dbd52da (git)
Affected: c4d7eb57687f358cd498ea3624519236af8db97e , < 4ef8512e1427111f7ba92b4a847d181ff0aeec42 (git)
Create a notification for this product.
Linux Linux Affected: 5.12
Unaffected: 0 , < 5.12 (semver)
Unaffected: 6.12.67 , ≤ 6.12.* (semver)
Unaffected: 6.18.7 , ≤ 6.18.* (semver)
Unaffected: 6.19 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en.h",
            "drivers/net/ethernet/mellanox/mlx5/core/en_main.c",
            "drivers/net/ethernet/mellanox/mlx5/core/en_rep.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a7625bacaa8c8c2bfcde6dd6d1397bd63ad82b02",
              "status": "affected",
              "version": "c4d7eb57687f358cd498ea3624519236af8db97e",
              "versionType": "git"
            },
            {
              "lessThan": "66a25f6b7c0bfd84e6d27b536f5d24116dbd52da",
              "status": "affected",
              "version": "c4d7eb57687f358cd498ea3624519236af8db97e",
              "versionType": "git"
            },
            {
              "lessThan": "4ef8512e1427111f7ba92b4a847d181ff0aeec42",
              "status": "affected",
              "version": "c4d7eb57687f358cd498ea3624519236af8db97e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/mellanox/mlx5/core/en.h",
            "drivers/net/ethernet/mellanox/mlx5/core/en_main.c",
            "drivers/net/ethernet/mellanox/mlx5/core/en_rep.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.67",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.67",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.7",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv\n\nmlx5e_priv is an unstable structure that can be memset(0) if profile\nattaching fails.\n\nPass netdev to mlx5e_destroy_netdev() to guarantee it will work on a\nvalid netdev.\n\nOn mlx5e_remove: Check validity of priv-\u003eprofile, before attempting\nto cleanup any resources that might be not there.\n\nThis fixes a kernel oops in mlx5e_remove when switchdev mode fails due\nto change profile failure.\n\n$ devlink dev eswitch set pci/0000:00:03.0 mode switchdev\nError: mlx5_core: Failed setting eswitch to offloads.\ndmesg:\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: new profile init failed, -12\nworkqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12\n\n$ devlink dev reload pci/0000:00:03.0 ==\u003e oops\n\nBUG: kernel NULL pointer dereference, address: 0000000000000370\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 15 UID: 0 PID: 520 Comm: devlink Not tainted 6.18.0-rc5+ #115 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nRIP: 0010:mlx5e_dcbnl_dscp_app+0x23/0x100\nRSP: 0018:ffffc9000083f8b8 EFLAGS: 00010286\nRAX: ffff8881126fc380 RBX: ffff8881015ac400 RCX: ffffffff826ffc45\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8881035109c0\nRBP: ffff8881035109c0 R08: ffff888101e3e838 R09: ffff888100264e10\nR10: ffffc9000083f898 R11: ffffc9000083f8a0 R12: ffff888101b921a0\nR13: ffff888101b921a0 R14: ffff8881015ac9a0 R15: ffff8881015ac400\nFS:  00007f789a3c8740(0000) GS:ffff88856aa59000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000370 CR3: 000000010b6c0001 CR4: 0000000000370ef0\nCall Trace:\n \u003cTASK\u003e\n mlx5e_remove+0x57/0x110\n device_release_driver_internal+0x19c/0x200\n bus_remove_device+0xc6/0x130\n device_del+0x160/0x3d0\n ? devl_param_driverinit_value_get+0x2d/0x90\n mlx5_detach_device+0x89/0xe0\n mlx5_unload_one_devl_locked+0x3a/0x70\n mlx5_devlink_reload_down+0xc8/0x220\n devlink_reload+0x7d/0x260\n devlink_nl_reload_doit+0x45b/0x5a0\n genl_family_rcv_msg_doit+0xe8/0x140"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:58:44.558Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a7625bacaa8c8c2bfcde6dd6d1397bd63ad82b02"
        },
        {
          "url": "https://git.kernel.org/stable/c/66a25f6b7c0bfd84e6d27b536f5d24116dbd52da"
        },
        {
          "url": "https://git.kernel.org/stable/c/4ef8512e1427111f7ba92b4a847d181ff0aeec42"
        }
      ],
      "title": "net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-23035",
    "datePublished": "2026-01-31T11:42:29.960Z",
    "dateReserved": "2026-01-13T15:37:45.943Z",
    "dateUpdated": "2026-05-11T21:58:44.558Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-23035",
      "date": "2026-06-29",
      "epss": "0.00209",
      "percentile": "0.11032"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-23035\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-01-31T12:16:06.807\",\"lastModified\":\"2026-06-17T10:20:45.043\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv\\n\\nmlx5e_priv is an unstable structure that can be memset(0) if profile\\nattaching fails.\\n\\nPass netdev to mlx5e_destroy_netdev() to guarantee it will work on a\\nvalid netdev.\\n\\nOn mlx5e_remove: Check validity of priv-\u003eprofile, before attempting\\nto cleanup any resources that might be not there.\\n\\nThis fixes a kernel oops in mlx5e_remove when switchdev mode fails due\\nto change profile failure.\\n\\n$ devlink dev eswitch set pci/0000:00:03.0 mode switchdev\\nError: mlx5_core: Failed setting eswitch to offloads.\\ndmesg:\\nworkqueue: Failed to create a rescuer kthread for wq \\\"mlx5e\\\": -EINTR\\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: new profile init failed, -12\\nworkqueue: Failed to create a rescuer kthread for wq \\\"mlx5e\\\": -EINTR\\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init failed, err=-12\\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12\\n\\n$ devlink dev reload pci/0000:00:03.0 ==\u003e oops\\n\\nBUG: kernel NULL pointer dereference, address: 0000000000000370\\nPGD 0 P4D 0\\nOops: Oops: 0000 [#1] SMP NOPTI\\nCPU: 15 UID: 0 PID: 520 Comm: devlink Not tainted 6.18.0-rc5+ #115 PREEMPT(voluntary)\\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\\nRIP: 0010:mlx5e_dcbnl_dscp_app+0x23/0x100\\nRSP: 0018:ffffc9000083f8b8 EFLAGS: 00010286\\nRAX: ffff8881126fc380 RBX: ffff8881015ac400 RCX: ffffffff826ffc45\\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8881035109c0\\nRBP: ffff8881035109c0 R08: ffff888101e3e838 R09: ffff888100264e10\\nR10: ffffc9000083f898 R11: ffffc9000083f8a0 R12: ffff888101b921a0\\nR13: ffff888101b921a0 R14: ffff8881015ac9a0 R15: ffff8881015ac400\\nFS:  00007f789a3c8740(0000) GS:ffff88856aa59000(0000) knlGS:0000000000000000\\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\nCR2: 0000000000000370 CR3: 000000010b6c0001 CR4: 0000000000370ef0\\nCall Trace:\\n \u003cTASK\u003e\\n mlx5e_remove+0x57/0x110\\n device_release_driver_internal+0x19c/0x200\\n bus_remove_device+0xc6/0x130\\n device_del+0x160/0x3d0\\n ? devl_param_driverinit_value_get+0x2d/0x90\\n mlx5_detach_device+0x89/0xe0\\n mlx5_unload_one_devl_locked+0x3a/0x70\\n mlx5_devlink_reload_down+0xc8/0x220\\n devlink_reload+0x7d/0x260\\n devlink_nl_reload_doit+0x45b/0x5a0\\n genl_family_rcv_msg_doit+0xe8/0x140\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\\n\\nnet/mlx5e: Pasar netdev a mlx5e_destroy_netdev en lugar de priv\\n\\nmlx5e_priv es una estructura inestable que puede ser memset(0) si la asociaci\u00f3n de perfil falla.\\n\\nPasar netdev a mlx5e_destroy_netdev() para garantizar que funcionar\u00e1 en un netdev v\u00e1lido.\\n\\nEn mlx5e_remove: Verificar la validez de priv-\u0026gt;profile, antes de intentar limpiar cualquier recurso que podr\u00eda no estar all\u00ed.\\n\\nEsto corrige un kernel oops en mlx5e_remove cuando el modo switchdev falla debido a un fallo en el cambio de perfil.\\n\\n$ devlink dev eswitch set pci/0000:00:03.0 mode switchdev\\nError: mlx5_core: Fall\u00f3 al establecer eswitch en offloads.\\ndmesg:\\nworkqueue: Fall\u00f3 al crear un kthread de rescate para wq \u0027mlx5e\u0027: -EINTR\\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init fall\u00f3, err=-12\\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: la inicializaci\u00f3n del nuevo perfil fall\u00f3, -12\\nworkqueue: Fall\u00f3 al crear un kthread de rescate para wq \u0027mlx5e\u0027: -EINTR\\nmlx5_core 0012:03:00.1: mlx5e_netdev_init_profile:6214:(pid 37199): mlx5e_priv_init fall\u00f3, err=-12\\nmlx5_core 0012:03:00.1 gpu3rdma1: mlx5e_netdev_change_profile: fall\u00f3 al revertir al perfil original, -12\\n\\n$ devlink dev reload pci/0000:00:03.0 ==\u0026gt; oops\\n\\nBUG: desreferencia de puntero NULL del kernel, direcci\u00f3n: 0000000000000370\\nPGD 0 P4D 0\\nOops: Oops: 0000 [#1] SMP NOPTI\\nCPU: 15 UID: 0 PID: 520 Comm: devlink Not tainted 6.18.0-rc5+ #115 PREEMPT(voluntary)\\nNombre del hardware: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\\nRIP: 0010:mlx5e_dcbnl_dscp_app+0x23/0x100\\nRSP: 0018:ffffc9000083f8b8 EFLAGS: 00010286\\nRAX: ffff8881126fc380 RBX: ffff8881015ac400 RCX: ffffffff826ffc45\\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8881035109c0\\nRBP: ffff8881035109c0 R08: ffff888101e3e838 R09: ffff888100264e10\\nR10: ffffc9000083f898 R11: ffffc9000083f8a0 R12: ffff888101b921a0\\nR13: ffff888101b921a0 R14: ffff8881015ac9a0 R15: ffff8881015ac400\\nFS:  00007f789a3c8740(0000) GS:ffff88856aa59000(0000) knlGS:0000000000000000\\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\nCR2: 0000000000000370 CR3: 000000010b6c0001 CR4: 0000000000370ef0\\nTraza de Llamada:\\n \\n mlx5e_remove+0x57/0x110\\n device_release_driver_internal+0x19c/0x200\\n bus_remove_device+0xc6/0x130\\n device_del+0x160/0x3d0\\n ? devl_param_driverinit_value_get+0x2d/0x90\\n mlx5_detach_device+0x89/0xe0\\n mlx5_unload_one_devl_locked+0x3a/0x70\\n mlx5_devlink_reload_down+0xc8/0x220\\n devlink_reload+0x7d/0x260\\n devlink_nl_reload_doit+0x45b/0x5a0\\n genl_family_rcv_msg_doit+0xe8/0x140\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"drivers/net/ethernet/mellanox/mlx5/core/en.h\",\"drivers/net/ethernet/mellanox/mlx5/core/en_main.c\",\"drivers/net/ethernet/mellanox/mlx5/core/en_rep.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"c4d7eb57687f358cd498ea3624519236af8db97e\",\"lessThan\":\"a7625bacaa8c8c2bfcde6dd6d1397bd63ad82b02\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"c4d7eb57687f358cd498ea3624519236af8db97e\",\"lessThan\":\"66a25f6b7c0bfd84e6d27b536f5d24116dbd52da\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"c4d7eb57687f358cd498ea3624519236af8db97e\",\"lessThan\":\"4ef8512e1427111f7ba92b4a847d181ff0aeec42\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"drivers/net/ethernet/mellanox/mlx5/core/en.h\",\"drivers/net/ethernet/mellanox/mlx5/core/en_main.c\",\"drivers/net/ethernet/mellanox/mlx5/core/en_rep.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"5.12\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"5.12\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.67\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.7\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.19\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4ef8512e1427111f7ba92b4a847d181ff0aeec42\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/66a25f6b7c0bfd84e6d27b536f5d24116dbd52da\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a7625bacaa8c8c2bfcde6dd6d1397bd63ad82b02\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.