CVE-2021-46964 (GCVE-0-2021-46964)

Vulnerability from cvelistv5 – Published: 2024-02-27 18:47 – Updated: 2025-05-04 07:01
VLAI?
Title
scsi: qla2xxx: Reserve extra IRQ vectors
Summary
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Reserve extra IRQ vectors Commit a6dcfe08487e ("scsi: qla2xxx: Limit interrupt vectors to number of CPUs") lowers the number of allocated MSI-X vectors to the number of CPUs. That breaks vector allocation assumptions in qla83xx_iospace_config(), qla24xx_enable_msix() and qla2x00_iospace_config(). Either of the functions computes maximum number of qpairs as: ha->max_qpairs = ha->msix_count - 1 (MB interrupt) - 1 (default response queue) - 1 (ATIO, in dual or pure target mode) max_qpairs is set to zero in case of two CPUs and initiator mode. The number is then used to allocate ha->queue_pair_map inside qla2x00_alloc_queues(). No allocation happens and ha->queue_pair_map is left NULL but the driver thinks there are queue pairs available. qla2xxx_queuecommand() tries to find a qpair in the map and crashes: if (ha->mqenable) { uint32_t tag; uint16_t hwq; struct qla_qpair *qpair = NULL; tag = blk_mq_unique_tag(cmd->request); hwq = blk_mq_unique_tag_to_hwq(tag); qpair = ha->queue_pair_map[hwq]; # <- HERE if (qpair) return qla2xxx_mqueuecommand(host, cmd, qpair); } BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] SMP PTI CPU: 0 PID: 72 Comm: kworker/u4:3 Tainted: G W 5.10.0-rc1+ #25 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Workqueue: scsi_wq_7 fc_scsi_scan_rport [scsi_transport_fc] RIP: 0010:qla2xxx_queuecommand+0x16b/0x3f0 [qla2xxx] Call Trace: scsi_queue_rq+0x58c/0xa60 blk_mq_dispatch_rq_list+0x2b7/0x6f0 ? __sbitmap_get_word+0x2a/0x80 __blk_mq_sched_dispatch_requests+0xb8/0x170 blk_mq_sched_dispatch_requests+0x2b/0x50 __blk_mq_run_hw_queue+0x49/0xb0 __blk_mq_delay_run_hw_queue+0xfb/0x150 blk_mq_sched_insert_request+0xbe/0x110 blk_execute_rq+0x45/0x70 __scsi_execute+0x10e/0x250 scsi_probe_and_add_lun+0x228/0xda0 __scsi_scan_target+0xf4/0x620 ? __pm_runtime_resume+0x4f/0x70 scsi_scan_target+0x100/0x110 fc_scsi_scan_rport+0xa1/0xb0 [scsi_transport_fc] process_one_work+0x1ea/0x3b0 worker_thread+0x28/0x3b0 ? process_one_work+0x3b0/0x3b0 kthread+0x112/0x130 ? kthread_park+0x80/0x80 ret_from_fork+0x22/0x30 The driver should allocate enough vectors to provide every CPU it's own HW queue and still handle reserved (MB, RSP, ATIO) interrupts. The change fixes the crash on dual core VM and prevents unbalanced QP allocation where nr_hw_queues is two less than the number of CPUs.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f , < 4ecd42dec858b6632c5f024fe13e9ad6c30f2734 (git)
Affected: a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f , < 0f86d66b38501e3ac66cf2d9f9f8ad6838bad0e6 (git)
Affected: a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f , < f02d4086a8f36a0e1aaebf559b54cf24a177a486 (git)
Create a notification for this product.
    Linux Linux Affected: 5.11
Unaffected: 0 , < 5.11 (semver)
Unaffected: 5.11.20 , ≤ 5.11.* (semver)
Unaffected: 5.12.3 , ≤ 5.12.* (semver)
Unaffected: 5.13 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:17:43.024Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4ecd42dec858b6632c5f024fe13e9ad6c30f2734"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0f86d66b38501e3ac66cf2d9f9f8ad6838bad0e6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f02d4086a8f36a0e1aaebf559b54cf24a177a486"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-46964",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:01:34.918435Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:46.679Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/qla2xxx/qla_isr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4ecd42dec858b6632c5f024fe13e9ad6c30f2734",
              "status": "affected",
              "version": "a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f",
              "versionType": "git"
            },
            {
              "lessThan": "0f86d66b38501e3ac66cf2d9f9f8ad6838bad0e6",
              "status": "affected",
              "version": "a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f",
              "versionType": "git"
            },
            {
              "lessThan": "f02d4086a8f36a0e1aaebf559b54cf24a177a486",
              "status": "affected",
              "version": "a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/qla2xxx/qla_isr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.11.*",
              "status": "unaffected",
              "version": "5.11.20",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.11.20",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.3",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Reserve extra IRQ vectors\n\nCommit a6dcfe08487e (\"scsi: qla2xxx: Limit interrupt vectors to number of\nCPUs\") lowers the number of allocated MSI-X vectors to the number of CPUs.\n\nThat breaks vector allocation assumptions in qla83xx_iospace_config(),\nqla24xx_enable_msix() and qla2x00_iospace_config(). Either of the functions\ncomputes maximum number of qpairs as:\n\n  ha-\u003emax_qpairs = ha-\u003emsix_count - 1 (MB interrupt) - 1 (default\n                   response queue) - 1 (ATIO, in dual or pure target mode)\n\nmax_qpairs is set to zero in case of two CPUs and initiator mode. The\nnumber is then used to allocate ha-\u003equeue_pair_map inside\nqla2x00_alloc_queues(). No allocation happens and ha-\u003equeue_pair_map is\nleft NULL but the driver thinks there are queue pairs available.\n\nqla2xxx_queuecommand() tries to find a qpair in the map and crashes:\n\n  if (ha-\u003emqenable) {\n          uint32_t tag;\n          uint16_t hwq;\n          struct qla_qpair *qpair = NULL;\n\n          tag = blk_mq_unique_tag(cmd-\u003erequest);\n          hwq = blk_mq_unique_tag_to_hwq(tag);\n          qpair = ha-\u003equeue_pair_map[hwq]; # \u003c- HERE\n\n          if (qpair)\n                  return qla2xxx_mqueuecommand(host, cmd, qpair);\n  }\n\n  BUG: kernel NULL pointer dereference, address: 0000000000000000\n  #PF: supervisor read access in kernel mode\n  #PF: error_code(0x0000) - not-present page\n  PGD 0 P4D 0\n  Oops: 0000 [#1] SMP PTI\n  CPU: 0 PID: 72 Comm: kworker/u4:3 Tainted: G        W         5.10.0-rc1+ #25\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014\n  Workqueue: scsi_wq_7 fc_scsi_scan_rport [scsi_transport_fc]\n  RIP: 0010:qla2xxx_queuecommand+0x16b/0x3f0 [qla2xxx]\n  Call Trace:\n   scsi_queue_rq+0x58c/0xa60\n   blk_mq_dispatch_rq_list+0x2b7/0x6f0\n   ? __sbitmap_get_word+0x2a/0x80\n   __blk_mq_sched_dispatch_requests+0xb8/0x170\n   blk_mq_sched_dispatch_requests+0x2b/0x50\n   __blk_mq_run_hw_queue+0x49/0xb0\n   __blk_mq_delay_run_hw_queue+0xfb/0x150\n   blk_mq_sched_insert_request+0xbe/0x110\n   blk_execute_rq+0x45/0x70\n   __scsi_execute+0x10e/0x250\n   scsi_probe_and_add_lun+0x228/0xda0\n   __scsi_scan_target+0xf4/0x620\n   ? __pm_runtime_resume+0x4f/0x70\n   scsi_scan_target+0x100/0x110\n   fc_scsi_scan_rport+0xa1/0xb0 [scsi_transport_fc]\n   process_one_work+0x1ea/0x3b0\n   worker_thread+0x28/0x3b0\n   ? process_one_work+0x3b0/0x3b0\n   kthread+0x112/0x130\n   ? kthread_park+0x80/0x80\n   ret_from_fork+0x22/0x30\n\nThe driver should allocate enough vectors to provide every CPU it\u0027s own HW\nqueue and still handle reserved (MB, RSP, ATIO) interrupts.\n\nThe change fixes the crash on dual core VM and prevents unbalanced QP\nallocation where nr_hw_queues is two less than the number of CPUs."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:01:18.276Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4ecd42dec858b6632c5f024fe13e9ad6c30f2734"
        },
        {
          "url": "https://git.kernel.org/stable/c/0f86d66b38501e3ac66cf2d9f9f8ad6838bad0e6"
        },
        {
          "url": "https://git.kernel.org/stable/c/f02d4086a8f36a0e1aaebf559b54cf24a177a486"
        }
      ],
      "title": "scsi: qla2xxx: Reserve extra IRQ vectors",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-46964",
    "datePublished": "2024-02-27T18:47:02.404Z",
    "dateReserved": "2024-02-27T18:42:55.942Z",
    "dateUpdated": "2025-05-04T07:01:18.276Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/4ecd42dec858b6632c5f024fe13e9ad6c30f2734\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/0f86d66b38501e3ac66cf2d9f9f8ad6838bad0e6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/f02d4086a8f36a0e1aaebf559b54cf24a177a486\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:17:43.024Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-46964\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T16:01:34.918435Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:18.618Z\"}}], \"cna\": {\"title\": \"scsi: qla2xxx: Reserve extra IRQ vectors\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f\", \"lessThan\": \"4ecd42dec858b6632c5f024fe13e9ad6c30f2734\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f\", \"lessThan\": \"0f86d66b38501e3ac66cf2d9f9f8ad6838bad0e6\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a6dcfe08487e5e83b6b4214c959a9577a9ed2d9f\", \"lessThan\": \"f02d4086a8f36a0e1aaebf559b54cf24a177a486\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/scsi/qla2xxx/qla_isr.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.11\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.11\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.11.20\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.11.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/scsi/qla2xxx/qla_isr.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/4ecd42dec858b6632c5f024fe13e9ad6c30f2734\"}, {\"url\": \"https://git.kernel.org/stable/c/0f86d66b38501e3ac66cf2d9f9f8ad6838bad0e6\"}, {\"url\": \"https://git.kernel.org/stable/c/f02d4086a8f36a0e1aaebf559b54cf24a177a486\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nscsi: qla2xxx: Reserve extra IRQ vectors\\n\\nCommit a6dcfe08487e (\\\"scsi: qla2xxx: Limit interrupt vectors to number of\\nCPUs\\\") lowers the number of allocated MSI-X vectors to the number of CPUs.\\n\\nThat breaks vector allocation assumptions in qla83xx_iospace_config(),\\nqla24xx_enable_msix() and qla2x00_iospace_config(). Either of the functions\\ncomputes maximum number of qpairs as:\\n\\n  ha-\u003emax_qpairs = ha-\u003emsix_count - 1 (MB interrupt) - 1 (default\\n                   response queue) - 1 (ATIO, in dual or pure target mode)\\n\\nmax_qpairs is set to zero in case of two CPUs and initiator mode. The\\nnumber is then used to allocate ha-\u003equeue_pair_map inside\\nqla2x00_alloc_queues(). No allocation happens and ha-\u003equeue_pair_map is\\nleft NULL but the driver thinks there are queue pairs available.\\n\\nqla2xxx_queuecommand() tries to find a qpair in the map and crashes:\\n\\n  if (ha-\u003emqenable) {\\n          uint32_t tag;\\n          uint16_t hwq;\\n          struct qla_qpair *qpair = NULL;\\n\\n          tag = blk_mq_unique_tag(cmd-\u003erequest);\\n          hwq = blk_mq_unique_tag_to_hwq(tag);\\n          qpair = ha-\u003equeue_pair_map[hwq]; # \u003c- HERE\\n\\n          if (qpair)\\n                  return qla2xxx_mqueuecommand(host, cmd, qpair);\\n  }\\n\\n  BUG: kernel NULL pointer dereference, address: 0000000000000000\\n  #PF: supervisor read access in kernel mode\\n  #PF: error_code(0x0000) - not-present page\\n  PGD 0 P4D 0\\n  Oops: 0000 [#1] SMP PTI\\n  CPU: 0 PID: 72 Comm: kworker/u4:3 Tainted: G        W         5.10.0-rc1+ #25\\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014\\n  Workqueue: scsi_wq_7 fc_scsi_scan_rport [scsi_transport_fc]\\n  RIP: 0010:qla2xxx_queuecommand+0x16b/0x3f0 [qla2xxx]\\n  Call Trace:\\n   scsi_queue_rq+0x58c/0xa60\\n   blk_mq_dispatch_rq_list+0x2b7/0x6f0\\n   ? __sbitmap_get_word+0x2a/0x80\\n   __blk_mq_sched_dispatch_requests+0xb8/0x170\\n   blk_mq_sched_dispatch_requests+0x2b/0x50\\n   __blk_mq_run_hw_queue+0x49/0xb0\\n   __blk_mq_delay_run_hw_queue+0xfb/0x150\\n   blk_mq_sched_insert_request+0xbe/0x110\\n   blk_execute_rq+0x45/0x70\\n   __scsi_execute+0x10e/0x250\\n   scsi_probe_and_add_lun+0x228/0xda0\\n   __scsi_scan_target+0xf4/0x620\\n   ? __pm_runtime_resume+0x4f/0x70\\n   scsi_scan_target+0x100/0x110\\n   fc_scsi_scan_rport+0xa1/0xb0 [scsi_transport_fc]\\n   process_one_work+0x1ea/0x3b0\\n   worker_thread+0x28/0x3b0\\n   ? process_one_work+0x3b0/0x3b0\\n   kthread+0x112/0x130\\n   ? kthread_park+0x80/0x80\\n   ret_from_fork+0x22/0x30\\n\\nThe driver should allocate enough vectors to provide every CPU it\u0027s own HW\\nqueue and still handle reserved (MB, RSP, ATIO) interrupts.\\n\\nThe change fixes the crash on dual core VM and prevents unbalanced QP\\nallocation where nr_hw_queues is two less than the number of CPUs.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.11.20\", \"versionStartIncluding\": \"5.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.3\", \"versionStartIncluding\": \"5.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13\", \"versionStartIncluding\": \"5.11\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T07:01:18.276Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-46964\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T07:01:18.276Z\", \"dateReserved\": \"2024-02-27T18:42:55.942Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-02-27T18:47:02.404Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.