cve-2024-53178
Vulnerability from cvelistv5
Published
2024-12-27 13:49
Modified
2025-01-20 06:20
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: smb: Don't leak cfid when reconnect races with open_cached_dir open_cached_dir() may either race with the tcon reconnection even before compound_send_recv() or directly trigger a reconnection via SMB2_open_init() or SMB_query_info_init(). The reconnection process invokes invalidate_all_cached_dirs() via cifs_mark_open_files_invalid(), which removes all cfids from the cfids->entries list but doesn't drop a ref if has_lease isn't true. This results in the currently-being-constructed cfid not being on the list, but still having a refcount of 2. It leaks if returned from open_cached_dir(). Fix this by setting cfid->has_lease when the ref is actually taken; the cfid will not be used by other threads until it has a valid time. Addresses these kmemleaks: unreferenced object 0xffff8881090c4000 (size 1024): comm "bash", pid 1860, jiffies 4295126592 hex dump (first 32 bytes): 00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de ........"....... 00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff ..E"......O..... backtrace (crc 6f58c20f): [<ffffffff8b895a1e>] __kmalloc_cache_noprof+0x2be/0x350 [<ffffffff8bda06e3>] open_cached_dir+0x993/0x1fb0 [<ffffffff8bdaa750>] cifs_readdir+0x15a0/0x1d50 [<ffffffff8b9a853f>] iterate_dir+0x28f/0x4b0 [<ffffffff8b9a9aed>] __x64_sys_getdents64+0xfd/0x200 [<ffffffff8cf6da05>] do_syscall_64+0x95/0x1a0 [<ffffffff8d00012f>] entry_SYSCALL_64_after_hwframe+0x76/0x7e unreferenced object 0xffff8881044fdcf8 (size 8): comm "bash", pid 1860, jiffies 4295126592 hex dump (first 8 bytes): 00 cc cc cc cc cc cc cc ........ backtrace (crc 10c106a9): [<ffffffff8b89a3d3>] __kmalloc_node_track_caller_noprof+0x363/0x480 [<ffffffff8b7d7256>] kstrdup+0x36/0x60 [<ffffffff8bda0700>] open_cached_dir+0x9b0/0x1fb0 [<ffffffff8bdaa750>] cifs_readdir+0x15a0/0x1d50 [<ffffffff8b9a853f>] iterate_dir+0x28f/0x4b0 [<ffffffff8b9a9aed>] __x64_sys_getdents64+0xfd/0x200 [<ffffffff8cf6da05>] do_syscall_64+0x95/0x1a0 [<ffffffff8d00012f>] entry_SYSCALL_64_after_hwframe+0x76/0x7e And addresses these BUG splats when unmounting the SMB filesystem: BUG: Dentry ffff888140590ba0{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs] WARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100 Modules linked in: CPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 RIP: 0010:umount_check+0xd0/0x100 Code: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff <0f> 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41 RSP: 0018:ffff88811cc27978 EFLAGS: 00010286 RAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40 RBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3 R10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08 R13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0 FS: 00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0 Call Trace: <TASK> d_walk+0x6a/0x530 shrink_dcache_for_umount+0x6a/0x200 generic_shutdown_super+0x52/0x2a0 kill_anon_super+0x22/0x40 cifs_kill_sb+0x159/0x1e0 deactivate_locked_super+0x66/0xe0 cleanup_mnt+0x140/0x210 task_work_run+0xfb/0x170 syscall_exit_to_user_mode+0x29f/0x2b0 do_syscall_64+0xa1/0x1a0 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f23bfb93ae7 Code: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 ---truncated---
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1d76332d783db12684b67592f1fb2057b88af4c3
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/31fabf70d58388d5475e48ca8a6b7d2847b36678
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/73a57b25b4df23f22814fc06b7e8f9cf570be026
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7afb86733685c64c604d32faf00fa4a1f22c2ab1
Impacted products
Vendor Product Version
Linux Linux Version: ebe98f1447bbccf8228335c62d86af02a0ed23f7
Version: ebe98f1447bbccf8228335c62d86af02a0ed23f7
Version: ebe98f1447bbccf8228335c62d86af02a0ed23f7
Version: ebe98f1447bbccf8228335c62d86af02a0ed23f7
 Create a notification for this product.
   Linux Linux Version: 6.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/cached_dir.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "31fabf70d58388d5475e48ca8a6b7d2847b36678",
              "status": "affected",
              "version": "ebe98f1447bbccf8228335c62d86af02a0ed23f7",
              "versionType": "git"
            },
            {
              "lessThan": "1d76332d783db12684b67592f1fb2057b88af4c3",
              "status": "affected",
              "version": "ebe98f1447bbccf8228335c62d86af02a0ed23f7",
              "versionType": "git"
            },
            {
              "lessThan": "73a57b25b4df23f22814fc06b7e8f9cf570be026",
              "status": "affected",
              "version": "ebe98f1447bbccf8228335c62d86af02a0ed23f7",
              "versionType": "git"
            },
            {
              "lessThan": "7afb86733685c64c604d32faf00fa4a1f22c2ab1",
              "status": "affected",
              "version": "ebe98f1447bbccf8228335c62d86af02a0ed23f7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/cached_dir.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "lessThan": "6.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.11.*",
              "status": "unaffected",
              "version": "6.11.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Don\u0027t leak cfid when reconnect races with open_cached_dir\n\nopen_cached_dir() may either race with the tcon reconnection even before\ncompound_send_recv() or directly trigger a reconnection via\nSMB2_open_init() or SMB_query_info_init().\n\nThe reconnection process invokes invalidate_all_cached_dirs() via\ncifs_mark_open_files_invalid(), which removes all cfids from the\ncfids-\u003eentries list but doesn\u0027t drop a ref if has_lease isn\u0027t true. This\nresults in the currently-being-constructed cfid not being on the list,\nbut still having a refcount of 2. It leaks if returned from\nopen_cached_dir().\n\nFix this by setting cfid-\u003ehas_lease when the ref is actually taken; the\ncfid will not be used by other threads until it has a valid time.\n\nAddresses these kmemleaks:\n\nunreferenced object 0xffff8881090c4000 (size 1024):\n  comm \"bash\", pid 1860, jiffies 4295126592\n  hex dump (first 32 bytes):\n    00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de  ........\".......\n    00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff  ..E\"......O.....\n  backtrace (crc 6f58c20f):\n    [\u003cffffffff8b895a1e\u003e] __kmalloc_cache_noprof+0x2be/0x350\n    [\u003cffffffff8bda06e3\u003e] open_cached_dir+0x993/0x1fb0\n    [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n    [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n    [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n    [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n    [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\nunreferenced object 0xffff8881044fdcf8 (size 8):\n  comm \"bash\", pid 1860, jiffies 4295126592\n  hex dump (first 8 bytes):\n    00 cc cc cc cc cc cc cc                          ........\n  backtrace (crc 10c106a9):\n    [\u003cffffffff8b89a3d3\u003e] __kmalloc_node_track_caller_noprof+0x363/0x480\n    [\u003cffffffff8b7d7256\u003e] kstrdup+0x36/0x60\n    [\u003cffffffff8bda0700\u003e] open_cached_dir+0x9b0/0x1fb0\n    [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n    [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n    [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n    [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n    [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAnd addresses these BUG splats when unmounting the SMB filesystem:\n\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/}  still in use (2) [unmount of cifs cifs]\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\nModules linked in:\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:umount_check+0xd0/0x100\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff \u003c0f\u003e 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\nFS:  00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n d_walk+0x6a/0x530\n shrink_dcache_for_umount+0x6a/0x200\n generic_shutdown_super+0x52/0x2a0\n kill_anon_super+0x22/0x40\n cifs_kill_sb+0x159/0x1e0\n deactivate_locked_super+0x66/0xe0\n cleanup_mnt+0x140/0x210\n task_work_run+0xfb/0x170\n syscall_exit_to_user_mode+0x29f/0x2b0\n do_syscall_64+0xa1/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f23bfb93ae7\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-20T06:20:41.172Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/31fabf70d58388d5475e48ca8a6b7d2847b36678"
        },
        {
          "url": "https://git.kernel.org/stable/c/1d76332d783db12684b67592f1fb2057b88af4c3"
        },
        {
          "url": "https://git.kernel.org/stable/c/73a57b25b4df23f22814fc06b7e8f9cf570be026"
        },
        {
          "url": "https://git.kernel.org/stable/c/7afb86733685c64c604d32faf00fa4a1f22c2ab1"
        }
      ],
      "title": "smb: Don\u0027t leak cfid when reconnect races with open_cached_dir",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-53178",
    "datePublished": "2024-12-27T13:49:22.085Z",
    "dateReserved": "2024-11-19T17:17:25.008Z",
    "dateUpdated": "2025-01-20T06:20:41.172Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-53178\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-27T14:15:25.183\",\"lastModified\":\"2024-12-27T14:15:25.183\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsmb: Don\u0027t leak cfid when reconnect races with open_cached_dir\\n\\nopen_cached_dir() may either race with the tcon reconnection even before\\ncompound_send_recv() or directly trigger a reconnection via\\nSMB2_open_init() or SMB_query_info_init().\\n\\nThe reconnection process invokes invalidate_all_cached_dirs() via\\ncifs_mark_open_files_invalid(), which removes all cfids from the\\ncfids-\u003eentries list but doesn\u0027t drop a ref if has_lease isn\u0027t true. This\\nresults in the currently-being-constructed cfid not being on the list,\\nbut still having a refcount of 2. It leaks if returned from\\nopen_cached_dir().\\n\\nFix this by setting cfid-\u003ehas_lease when the ref is actually taken; the\\ncfid will not be used by other threads until it has a valid time.\\n\\nAddresses these kmemleaks:\\n\\nunreferenced object 0xffff8881090c4000 (size 1024):\\n  comm \\\"bash\\\", pid 1860, jiffies 4295126592\\n  hex dump (first 32 bytes):\\n    00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de  ........\\\".......\\n    00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff  ..E\\\"......O.....\\n  backtrace (crc 6f58c20f):\\n    [\u003cffffffff8b895a1e\u003e] __kmalloc_cache_noprof+0x2be/0x350\\n    [\u003cffffffff8bda06e3\u003e] open_cached_dir+0x993/0x1fb0\\n    [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\\n    [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\\n    [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\\n    [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\\n    [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\\nunreferenced object 0xffff8881044fdcf8 (size 8):\\n  comm \\\"bash\\\", pid 1860, jiffies 4295126592\\n  hex dump (first 8 bytes):\\n    00 cc cc cc cc cc cc cc                          ........\\n  backtrace (crc 10c106a9):\\n    [\u003cffffffff8b89a3d3\u003e] __kmalloc_node_track_caller_noprof+0x363/0x480\\n    [\u003cffffffff8b7d7256\u003e] kstrdup+0x36/0x60\\n    [\u003cffffffff8bda0700\u003e] open_cached_dir+0x9b0/0x1fb0\\n    [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\\n    [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\\n    [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\\n    [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\\n    [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\\n\\nAnd addresses these BUG splats when unmounting the SMB filesystem:\\n\\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/}  still in use (2) [unmount of cifs cifs]\\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\\nModules linked in:\\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\\nRIP: 0010:umount_check+0xd0/0x100\\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff \u003c0f\u003e 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\\nFS:  00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\\nCall Trace:\\n \u003cTASK\u003e\\n d_walk+0x6a/0x530\\n shrink_dcache_for_umount+0x6a/0x200\\n generic_shutdown_super+0x52/0x2a0\\n kill_anon_super+0x22/0x40\\n cifs_kill_sb+0x159/0x1e0\\n deactivate_locked_super+0x66/0xe0\\n cleanup_mnt+0x140/0x210\\n task_work_run+0xfb/0x170\\n syscall_exit_to_user_mode+0x29f/0x2b0\\n do_syscall_64+0xa1/0x1a0\\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\\nRIP: 0033:0x7f23bfb93ae7\\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \\n---truncated---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1d76332d783db12684b67592f1fb2057b88af4c3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/31fabf70d58388d5475e48ca8a6b7d2847b36678\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/73a57b25b4df23f22814fc06b7e8f9cf570be026\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7afb86733685c64c604d32faf00fa4a1f22c2ab1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.