CVE-2025-21804 (GCVE-0-2025-21804)

Vulnerability from cvelistv5 – Published: 2025-02-27 20:00 – Updated: 2026-05-11 21:06
VLAI
Title
PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()
Summary
In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region() macro to request a needed resource. A string variable that lives on the stack is then used to store a dynamically computed resource name, which is then passed on as one of the macro arguments. This can lead to undefined behavior. Depending on the current contents of the memory, the manifestations of errors may vary. One possible output may be as follows: $ cat /proc/iomem 30000000-37ffffff : 38000000-3fffffff : Sometimes, garbage may appear after the colon. In very rare cases, if no NULL-terminator is found in memory, the system might crash because the string iterator will overrun which can lead to access of unmapped memory above the stack. Thus, fix this by replacing outbound_name with the name of the previously requested resource. With the changes applied, the output will be as follows: $ cat /proc/iomem 30000000-37ffffff : memory2 38000000-3fffffff : memory3 [kwilczynski: commit log]
Severity
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 2a6d0d63d99956a66f6605832f11755d74a41951 , < 7a47e14c5fb0b6dba7073be7b0119fb8fe864e01 (git)
Affected: 2a6d0d63d99956a66f6605832f11755d74a41951 , < 6987e021b64cbb49981d140bb72d9d1466f191c4 (git)
Affected: 2a6d0d63d99956a66f6605832f11755d74a41951 , < 24576899c49509c0d533bcf569139f691d8f7af7 (git)
Affected: 2a6d0d63d99956a66f6605832f11755d74a41951 , < 2c54b9fca1755e80a343ccfde0652dc5ea4744b2 (git)
Affected: 2a6d0d63d99956a66f6605832f11755d74a41951 , < 9ff46b0bfeb6e0724a4ace015aa7a0b887cdb7c1 (git)
Affected: 2a6d0d63d99956a66f6605832f11755d74a41951 , < 44708208c2a4b828a57a2abe7799c9d3962e7eaa (git)
Affected: 2a6d0d63d99956a66f6605832f11755d74a41951 , < 2d2da5a4c1b4509f6f7e5a8db015cd420144beb4 (git)
Create a notification for this product.
Linux Linux Affected: 5.8
Unaffected: 0 , < 5.8 (semver)
Unaffected: 5.10.235 , ≤ 5.10.* (semver)
Unaffected: 5.15.179 , ≤ 5.15.* (semver)
Unaffected: 6.1.129 , ≤ 6.1.* (semver)
Unaffected: 6.6.76 , ≤ 6.6.* (semver)
Unaffected: 6.12.13 , ≤ 6.12.* (semver)
Unaffected: 6.13.2 , ≤ 6.13.* (semver)
Unaffected: 6.14 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:59:44.459Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/controller/pcie-rcar-ep.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7a47e14c5fb0b6dba7073be7b0119fb8fe864e01",
              "status": "affected",
              "version": "2a6d0d63d99956a66f6605832f11755d74a41951",
              "versionType": "git"
            },
            {
              "lessThan": "6987e021b64cbb49981d140bb72d9d1466f191c4",
              "status": "affected",
              "version": "2a6d0d63d99956a66f6605832f11755d74a41951",
              "versionType": "git"
            },
            {
              "lessThan": "24576899c49509c0d533bcf569139f691d8f7af7",
              "status": "affected",
              "version": "2a6d0d63d99956a66f6605832f11755d74a41951",
              "versionType": "git"
            },
            {
              "lessThan": "2c54b9fca1755e80a343ccfde0652dc5ea4744b2",
              "status": "affected",
              "version": "2a6d0d63d99956a66f6605832f11755d74a41951",
              "versionType": "git"
            },
            {
              "lessThan": "9ff46b0bfeb6e0724a4ace015aa7a0b887cdb7c1",
              "status": "affected",
              "version": "2a6d0d63d99956a66f6605832f11755d74a41951",
              "versionType": "git"
            },
            {
              "lessThan": "44708208c2a4b828a57a2abe7799c9d3962e7eaa",
              "status": "affected",
              "version": "2a6d0d63d99956a66f6605832f11755d74a41951",
              "versionType": "git"
            },
            {
              "lessThan": "2d2da5a4c1b4509f6f7e5a8db015cd420144beb4",
              "status": "affected",
              "version": "2a6d0d63d99956a66f6605832f11755d74a41951",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pci/controller/pcie-rcar-ep.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.235",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.179",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.129",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.235",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.179",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.129",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.76",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.13",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.2",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n  $ cat /proc/iomem\n  30000000-37ffffff :\n  38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n  $ cat /proc/iomem\n  30000000-37ffffff : memory2\n  38000000-3fffffff : memory3\n\n[kwilczynski: commit log]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T21:06:51.376Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7a47e14c5fb0b6dba7073be7b0119fb8fe864e01"
        },
        {
          "url": "https://git.kernel.org/stable/c/6987e021b64cbb49981d140bb72d9d1466f191c4"
        },
        {
          "url": "https://git.kernel.org/stable/c/24576899c49509c0d533bcf569139f691d8f7af7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c54b9fca1755e80a343ccfde0652dc5ea4744b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ff46b0bfeb6e0724a4ace015aa7a0b887cdb7c1"
        },
        {
          "url": "https://git.kernel.org/stable/c/44708208c2a4b828a57a2abe7799c9d3962e7eaa"
        },
        {
          "url": "https://git.kernel.org/stable/c/2d2da5a4c1b4509f6f7e5a8db015cd420144beb4"
        }
      ],
      "title": "PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-21804",
    "datePublished": "2025-02-27T20:00:57.639Z",
    "dateReserved": "2024-12-29T08:45:45.771Z",
    "dateUpdated": "2026-05-11T21:06:51.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-21804",
      "date": "2026-06-29",
      "epss": "0.00184",
      "percentile": "0.08177"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-21804\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-27T20:16:03.030\",\"lastModified\":\"2026-06-17T08:44:19.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\\n\\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\\nmacro to request a needed resource. A string variable that lives on the\\nstack is then used to store a dynamically computed resource name, which\\nis then passed on as one of the macro arguments. This can lead to\\nundefined behavior.\\n\\nDepending on the current contents of the memory, the manifestations of\\nerrors may vary. One possible output may be as follows:\\n\\n  $ cat /proc/iomem\\n  30000000-37ffffff :\\n  38000000-3fffffff :\\n\\nSometimes, garbage may appear after the colon.\\n\\nIn very rare cases, if no NULL-terminator is found in memory, the system\\nmight crash because the string iterator will overrun which can lead to\\naccess of unmapped memory above the stack.\\n\\nThus, fix this by replacing outbound_name with the name of the previously\\nrequested resource. With the changes applied, the output will be as\\nfollows:\\n\\n  $ cat /proc/iomem\\n  30000000-37ffffff : memory2\\n  38000000-3fffffff : memory3\\n\\n[kwilczynski: commit log]\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PCI: rcar-ep: Se corrige la variable incorrecta utilizada al llamar a devm_request_mem_region(). rcar_pcie_parse_outbound_ranges() utiliza la macro devm_request_mem_region() para solicitar un recurso necesario. Luego, se utiliza una variable de cadena que se encuentra en la pila para almacenar un nombre de recurso calculado din\u00e1micamente, que luego se pasa como uno de los argumentos de la macro. Esto puede provocar un comportamiento indefinido. Seg\u00fan el contenido actual de la memoria, las manifestaciones de los errores pueden variar. Una posible salida puede ser la siguiente: $ cat /proc/iomem 30000000-37ffffff : 38000000-3fffffff : A veces, puede aparecer basura despu\u00e9s de los dos puntos. En casos muy raros, si no se encuentra un terminador NULL en la memoria, el sistema puede bloquearse porque el iterador de cadena se desbordar\u00e1, lo que puede provocar el acceso a la memoria no asignada por encima de la pila. Por lo tanto, solucione este problema reemplazando outbound_name con el nombre del recurso solicitado anteriormente. Con los cambios aplicados, el resultado ser\u00e1 el siguiente: $ cat /proc/iomem 30000000-37ffffff : memory2 38000000-3fffffff : memory3 [kwilczynski: commit log]\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"drivers/pci/controller/pcie-rcar-ep.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"2a6d0d63d99956a66f6605832f11755d74a41951\",\"lessThan\":\"7a47e14c5fb0b6dba7073be7b0119fb8fe864e01\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"2a6d0d63d99956a66f6605832f11755d74a41951\",\"lessThan\":\"6987e021b64cbb49981d140bb72d9d1466f191c4\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"2a6d0d63d99956a66f6605832f11755d74a41951\",\"lessThan\":\"24576899c49509c0d533bcf569139f691d8f7af7\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"2a6d0d63d99956a66f6605832f11755d74a41951\",\"lessThan\":\"2c54b9fca1755e80a343ccfde0652dc5ea4744b2\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"2a6d0d63d99956a66f6605832f11755d74a41951\",\"lessThan\":\"9ff46b0bfeb6e0724a4ace015aa7a0b887cdb7c1\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"2a6d0d63d99956a66f6605832f11755d74a41951\",\"lessThan\":\"44708208c2a4b828a57a2abe7799c9d3962e7eaa\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"2a6d0d63d99956a66f6605832f11755d74a41951\",\"lessThan\":\"2d2da5a4c1b4509f6f7e5a8db015cd420144beb4\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"drivers/pci/controller/pcie-rcar-ep.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"5.8\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"5.8\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.10.235\",\"lessThanOrEqual\":\"5.10.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.15.179\",\"lessThanOrEqual\":\"5.15.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.129\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.76\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.13\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.13.2\",\"lessThanOrEqual\":\"6.13.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.14\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.8\",\"versionEndExcluding\":\"5.10.235\",\"matchCriteriaId\":\"17FFC38A-2679-443B-8BDB-D553D86D60EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.179\",\"matchCriteriaId\":\"C708062C-4E1B-465F-AE6D-C09C46400875\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.129\",\"matchCriteriaId\":\"2DA5009C-C9B9-4A1D-9B96-78427E8F232C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.76\",\"matchCriteriaId\":\"A6D70701-9CB6-4222-A957-00A419878993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.13\",\"matchCriteriaId\":\"2897389C-A8C3-4D69-90F2-E701B3D66373\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.2\",\"matchCriteriaId\":\"6D4116B1-1BFD-4F23-BA84-169CC05FC5A3\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/24576899c49509c0d533bcf569139f691d8f7af7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2c54b9fca1755e80a343ccfde0652dc5ea4744b2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2d2da5a4c1b4509f6f7e5a8db015cd420144beb4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/44708208c2a4b828a57a2abe7799c9d3962e7eaa\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6987e021b64cbb49981d140bb72d9d1466f191c4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7a47e14c5fb0b6dba7073be7b0119fb8fe864e01\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9ff46b0bfeb6e0724a4ace015aa7a0b887cdb7c1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.