FKIE_CVE-2023-52730

Vulnerability from fkie_nvd - Published: 2024-05-21 16:15 - Updated: 2026-06-17 06:43
Severity
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can not release the resources, because the sdio function is not presented in these two cases, it won't call of_node_put() or put_device(). To fix these leaks, make sdio_func_present() only control whether device_del() needs to be called or not, then always call of_node_put() and put_device(). In error case in sdio_init_func(), the reference of 'card->dev' is not get, to avoid redundant put in sdio_free_func_cis(), move the get_device() to sdio_alloc_func() and put_device() to sdio_release_func(), it can keep the get/put function be balanced. Without this patch, while doing fault inject test, it can get the following leak reports, after this fix, the leak is gone. unreferenced object 0xffff888112514000 (size 2048): comm "kworker/3:2", pid 65, jiffies 4294741614 (age 124.774s) hex dump (first 32 bytes): 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X...... 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q..... backtrace: [<000000009e5931da>] kmalloc_trace+0x21/0x110 [<000000002f839ccb>] mmc_alloc_card+0x38/0xb0 [mmc_core] [<0000000004adcbf6>] mmc_sdio_init_card+0xde/0x170 [mmc_core] [<000000007538fea0>] mmc_attach_sdio+0xcb/0x1b0 [mmc_core] [<00000000d4fdeba7>] mmc_rescan+0x54a/0x640 [mmc_core] unreferenced object 0xffff888112511000 (size 2048): comm "kworker/3:2", pid 65, jiffies 4294741623 (age 124.766s) hex dump (first 32 bytes): 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X...... 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q..... backtrace: [<000000009e5931da>] kmalloc_trace+0x21/0x110 [<00000000fcbe706c>] sdio_alloc_func+0x35/0x100 [mmc_core] [<00000000c68f4b50>] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core] [<00000000d4fdeba7>] mmc_rescan+0x54a/0x640 [mmc_core]
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbdPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308dedPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36ePatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbdPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472aPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308dedPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36ePatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel 6.2
linux linux_kernel 6.2
linux linux_kernel 6.2
linux linux_kernel 6.2
linux linux_kernel 6.2
linux linux_kernel 6.2
linux linux_kernel 6.2
linux linux_kernel 6.2
To clipboard 

{
  "affected": [
    {
      "affectedData": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/core/sdio_bus.c",
            "drivers/mmc/core/sdio_cis.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "92ff03c2563c9b57a027c744750f3b7d2f261c58",
              "status": "affected",
              "version": "3d10a1ba0d37c8f5fd5afcdda00613fbb8a90bf5",
              "versionType": "git"
            },
            {
              "lessThan": "5c7858adada31dbed042448cff6997dd6efc472a",
              "status": "affected",
              "version": "3d10a1ba0d37c8f5fd5afcdda00613fbb8a90bf5",
              "versionType": "git"
            },
            {
              "lessThan": "761db46b29b496946046d8cb33c7ea6de6bef36e",
              "status": "affected",
              "version": "3d10a1ba0d37c8f5fd5afcdda00613fbb8a90bf5",
              "versionType": "git"
            },
            {
              "lessThan": "30716d9f0fa1766e522cf24c8a456244e4fc9931",
              "status": "affected",
              "version": "3d10a1ba0d37c8f5fd5afcdda00613fbb8a90bf5",
              "versionType": "git"
            },
            {
              "lessThan": "1e06cf04239e202248c8fa356bf11449dc73cfbd",
              "status": "affected",
              "version": "3d10a1ba0d37c8f5fd5afcdda00613fbb8a90bf5",
              "versionType": "git"
            },
            {
              "lessThan": "f855d31bb38d663c3ba672345d7cce9324ba3b72",
              "status": "affected",
              "version": "3d10a1ba0d37c8f5fd5afcdda00613fbb8a90bf5",
              "versionType": "git"
            },
            {
              "lessThan": "605d9fb9556f8f5fb4566f4df1480f280f308ded",
              "status": "affected",
              "version": "3d10a1ba0d37c8f5fd5afcdda00613fbb8a90bf5",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/mmc/core/sdio_bus.c",
            "drivers/mmc/core/sdio_cis.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.33"
            },
            {
              "lessThan": "2.6.33",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.306",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.273",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.169",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.95",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB481E70-4E92-4A19-88FC-7A6923121461",
              "versionEndExcluding": "4.14.306",
              "versionStartIncluding": "2.6.33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC86F278-A337-4A8A-A7BB-758898345802",
              "versionEndExcluding": "4.19.273",
              "versionStartIncluding": "4.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C6E0696-3702-4B0C-A102-2753BDC8C3D3",
              "versionEndExcluding": "5.4.232",
              "versionStartIncluding": "4.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8E6784B-A00F-47F0-882B-7209E1F374B7",
              "versionEndExcluding": "5.10.169",
              "versionStartIncluding": "5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8508F80E-8588-4976-A2BA-7A2D85018C4E",
              "versionEndExcluding": "5.15.95",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE354BE6-0C0F-47EB-AD8A-1433F041AC20",
              "versionEndExcluding": "6.1.13",
              "versionStartIncluding": "5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "C64BDD9D-C663-4E75-AE06-356EDC392B82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*",
              "matchCriteriaId": "26544390-88E4-41CA-98BF-7BB1E9D4E243",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won\u0027t call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of \u0027card-\u003edev\u0027 is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n  comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n  hex dump (first 32 bytes):\n    00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff  ..o.....`X......\n    10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff  .@Q......@Q.....\n  backtrace:\n    [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n    [\u003c000000002f839ccb\u003e] mmc_alloc_card+0x38/0xb0 [mmc_core]\n    [\u003c0000000004adcbf6\u003e] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n    [\u003c000000007538fea0\u003e] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n    [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n  comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n  hex dump (first 32 bytes):\n    00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff  .@Q......X......\n    10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff  ..Q.......Q.....\n  backtrace:\n    [\u003c000000009e5931da\u003e] kmalloc_trace+0x21/0x110\n    [\u003c00000000fcbe706c\u003e] sdio_alloc_func+0x35/0x100 [mmc_core]\n    [\u003c00000000c68f4b50\u003e] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n    [\u003c00000000d4fdeba7\u003e] mmc_rescan+0x54a/0x640 [mmc_core]"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mmc: sdio: soluciona posibles fugas de recursos en algunas rutas de error. Si sdio_add_func() o sdio_init_func() falla, sdio_remove_func() no puede liberar los recursos, porque no se presenta la funci\u00f3n sdio en estos dos casos, no llamar\u00e1 a of_node_put() o put_device(). Para solucionar estas fugas, haga que sdio_func_present() solo controle si es necesario llamar a device_del() o no, luego llame siempre a of_node_put() y put_device(). En caso de error en sdio_init_func(), la referencia de \u0027card-\u0026gt;dev\u0027 no se obtiene, para evitar la colocaci\u00f3n redundante en sdio_free_func_cis(), mueva get_device() a sdio_alloc_func() y put_device() a sdio_release_func(), puede mantenga equilibrada la funci\u00f3n get/put. Sin este parche, mientras realiza la prueba de inyecci\u00f3n de fallas, puede obtener los siguientes informes de fugas; despu\u00e9s de esta soluci\u00f3n, la fuga desaparece. objeto sin referencia 0xffff888112514000 (tama\u00f1o 2048): comunicaci\u00f3n \"kworker/3:2\", pid 65, jiffies 4294741614 (edad 124,774 s) volcado hexadecimal (primeros 32 bytes): 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 8 y siguientes ff ..o.....`X...... 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q..... retroceso : [\u0026lt;000000009e5931da\u0026gt;] kmalloc_trace+0x21/0x110 [\u0026lt;000000002f839ccb\u0026gt;] mmc_alloc_card+0x38/0xb0 [mmc_core] [\u0026lt;0000000004adcbf6\u0026gt;] mmc_sdio_init_card+0xde/0x170 [mmc_core] [\u0026lt;000000007538fea0\u0026gt;] mmc_attach_sdio+0xcb/0x1b0 [mmc_core] [\u0026lt;00000000d4fdeba7\u0026gt;] mmc_rescan+0x54a/0x640 [mmc_core] objeto sin referencia 0xffff888112511000 (tama\u00f1o 2048): comm \"kworker/3:2\", pid 65, santiam\u00e9n 4294741623 (edad 124,766 s) volcado hexadecimal (primero 32 bytes): 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X...... 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q. ......P..... rastreo inverso: [\u0026lt;000000009e5931da\u0026gt;] kmalloc_trace+0x21/0x110 [\u0026lt;00000000fcbe706c\u0026gt;] sdio_alloc_func+0x35/0x100 [mmc_core] [\u0026lt;00000000c68f4b50\u0026gt;] mmc_attach_sdio.cold. 18+0xb1/ 0x395 [mmc_core] [\u0026lt;00000000d4fdeba7\u0026gt;] mmc_rescan+0x54a/0x640 [mmc_core]"
    }
  ],
  "id": "CVE-2023-52730",
  "lastModified": "2026-06-17T06:43:27.000",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2023-52730",
          "options": [
            {
              "exploitation": "none"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "partial"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2024-09-10T15:37:41.339440Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2024-05-21T16:15:13.157",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbd"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308ded"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/1e06cf04239e202248c8fa356bf11449dc73cfbd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/30716d9f0fa1766e522cf24c8a456244e4fc9931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5c7858adada31dbed042448cff6997dd6efc472a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/605d9fb9556f8f5fb4566f4df1480f280f308ded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/761db46b29b496946046d8cb33c7ea6de6bef36e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/92ff03c2563c9b57a027c744750f3b7d2f261c58"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/f855d31bb38d663c3ba672345d7cce9324ba3b72"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.