CVE-2023-52828 (GCVE-0-2023-52828)
Vulnerability from cvelistv5
Published
2024-05-21 15:31
Modified
2026-01-05 10:17
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
bpf: Detect IP == ksym.end as part of BPF program
Now that bpf_throw kfunc is the first such call instruction that has
noreturn semantics within the verifier, this also kicks in dead code
elimination in unprecedented ways. For one, any instruction following
a bpf_throw call will never be marked as seen. Moreover, if a callchain
ends up throwing, any instructions after the call instruction to the
eventually throwing subprog in callers will also never be marked as
seen.
The tempting way to fix this would be to emit extra 'int3' instructions
which bump the jited_len of a program, and ensure that during runtime
when a program throws, we can discover its boundaries even if the call
instruction to bpf_throw (or to subprogs that always throw) is emitted
as the final instruction in the program.
An example of such a program would be this:
do_something():
...
r0 = 0
exit
foo():
r1 = 0
call bpf_throw
r0 = 0
exit
bar(cond):
if r1 != 0 goto pc+2
call do_something
exit
call foo
r0 = 0 // Never seen by verifier
exit //
main(ctx):
r1 = ...
call bar
r0 = 0
exit
Here, if we do end up throwing, the stacktrace would be the following:
bpf_throw
foo
bar
main
In bar, the final instruction emitted will be the call to foo, as such,
the return address will be the subsequent instruction (which the JIT
emits as int3 on x86). This will end up lying outside the jited_len of
the program, thus, when unwinding, we will fail to discover the return
address as belonging to any program and end up in a panic due to the
unreliable stack unwinding of BPF programs that we never expect.
To remedy this case, make bpf_prog_ksym_find treat IP == ksym.end as
part of the BPF program, so that is_bpf_text_address returns true when
such a case occurs, and we are able to unwind reliably when the final
instruction ends up being a call instruction.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Version: 74451e66d516c55e309e8d89a4a1e7596e46aacd Version: 74451e66d516c55e309e8d89a4a1e7596e46aacd Version: 74451e66d516c55e309e8d89a4a1e7596e46aacd Version: 74451e66d516c55e309e8d89a4a1e7596e46aacd Version: 74451e66d516c55e309e8d89a4a1e7596e46aacd Version: 74451e66d516c55e309e8d89a4a1e7596e46aacd |
||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-52828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-29T17:18:00.561172Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T15:50:04.124Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:11:35.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/bpf/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6058e4829696412457729a00734969acc6fd1d18",
"status": "affected",
"version": "74451e66d516c55e309e8d89a4a1e7596e46aacd",
"versionType": "git"
},
{
"lessThan": "cf353904a82873e952633fcac4385c2fcd3a46e1",
"status": "affected",
"version": "74451e66d516c55e309e8d89a4a1e7596e46aacd",
"versionType": "git"
},
{
"lessThan": "aa42a7cb92647786719fe9608685da345883878f",
"status": "affected",
"version": "74451e66d516c55e309e8d89a4a1e7596e46aacd",
"versionType": "git"
},
{
"lessThan": "327b92e8cb527ae097961ffd1610c720481947f5",
"status": "affected",
"version": "74451e66d516c55e309e8d89a4a1e7596e46aacd",
"versionType": "git"
},
{
"lessThan": "821a7e4143af115b840ec199eb179537e18af922",
"status": "affected",
"version": "74451e66d516c55e309e8d89a4a1e7596e46aacd",
"versionType": "git"
},
{
"lessThan": "66d9111f3517f85ef2af0337ece02683ce0faf21",
"status": "affected",
"version": "74451e66d516c55e309e8d89a4a1e7596e46aacd",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/bpf/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.202",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.140",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.64",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.5.*",
"status": "unaffected",
"version": "6.5.13",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.7",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.202",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.140",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.64",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5.13",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.3",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7",
"versionStartIncluding": "4.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Detect IP == ksym.end as part of BPF program\n\nNow that bpf_throw kfunc is the first such call instruction that has\nnoreturn semantics within the verifier, this also kicks in dead code\nelimination in unprecedented ways. For one, any instruction following\na bpf_throw call will never be marked as seen. Moreover, if a callchain\nends up throwing, any instructions after the call instruction to the\neventually throwing subprog in callers will also never be marked as\nseen.\n\nThe tempting way to fix this would be to emit extra \u0027int3\u0027 instructions\nwhich bump the jited_len of a program, and ensure that during runtime\nwhen a program throws, we can discover its boundaries even if the call\ninstruction to bpf_throw (or to subprogs that always throw) is emitted\nas the final instruction in the program.\n\nAn example of such a program would be this:\n\ndo_something():\n\t...\n\tr0 = 0\n\texit\n\nfoo():\n\tr1 = 0\n\tcall bpf_throw\n\tr0 = 0\n\texit\n\nbar(cond):\n\tif r1 != 0 goto pc+2\n\tcall do_something\n\texit\n\tcall foo\n\tr0 = 0 // Never seen by verifier\n\texit\t//\n\nmain(ctx):\n\tr1 = ...\n\tcall bar\n\tr0 = 0\n\texit\n\nHere, if we do end up throwing, the stacktrace would be the following:\n\nbpf_throw\nfoo\nbar\nmain\n\nIn bar, the final instruction emitted will be the call to foo, as such,\nthe return address will be the subsequent instruction (which the JIT\nemits as int3 on x86). This will end up lying outside the jited_len of\nthe program, thus, when unwinding, we will fail to discover the return\naddress as belonging to any program and end up in a panic due to the\nunreliable stack unwinding of BPF programs that we never expect.\n\nTo remedy this case, make bpf_prog_ksym_find treat IP == ksym.end as\npart of the BPF program, so that is_bpf_text_address returns true when\nsuch a case occurs, and we are able to unwind reliably when the final\ninstruction ends up being a call instruction."
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T10:17:40.904Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18"
},
{
"url": "https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1"
},
{
"url": "https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f"
},
{
"url": "https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5"
},
{
"url": "https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922"
},
{
"url": "https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21"
}
],
"title": "bpf: Detect IP == ksym.end as part of BPF program",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-52828",
"datePublished": "2024-05-21T15:31:31.501Z",
"dateReserved": "2024-05-21T15:19:24.251Z",
"dateUpdated": "2026-01-05T10:17:40.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T23:11:35.966Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52828\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-29T17:18:00.561172Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-29T17:18:06.504Z\"}}], \"cna\": {\"title\": \"bpf: Detect IP == ksym.end as part of BPF program\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"74451e66d516c55e309e8d89a4a1e7596e46aacd\", \"lessThan\": \"6058e4829696412457729a00734969acc6fd1d18\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74451e66d516c55e309e8d89a4a1e7596e46aacd\", \"lessThan\": \"cf353904a82873e952633fcac4385c2fcd3a46e1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74451e66d516c55e309e8d89a4a1e7596e46aacd\", \"lessThan\": \"aa42a7cb92647786719fe9608685da345883878f\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74451e66d516c55e309e8d89a4a1e7596e46aacd\", \"lessThan\": \"327b92e8cb527ae097961ffd1610c720481947f5\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74451e66d516c55e309e8d89a4a1e7596e46aacd\", \"lessThan\": \"821a7e4143af115b840ec199eb179537e18af922\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"74451e66d516c55e309e8d89a4a1e7596e46aacd\", \"lessThan\": \"66d9111f3517f85ef2af0337ece02683ce0faf21\", \"versionType\": \"git\"}], \"programFiles\": [\"kernel/bpf/core.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.11\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.11\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.202\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.140\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.64\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.5.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.5.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"kernel/bpf/core.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/6058e4829696412457729a00734969acc6fd1d18\"}, {\"url\": \"https://git.kernel.org/stable/c/cf353904a82873e952633fcac4385c2fcd3a46e1\"}, {\"url\": \"https://git.kernel.org/stable/c/aa42a7cb92647786719fe9608685da345883878f\"}, {\"url\": \"https://git.kernel.org/stable/c/327b92e8cb527ae097961ffd1610c720481947f5\"}, {\"url\": \"https://git.kernel.org/stable/c/821a7e4143af115b840ec199eb179537e18af922\"}, {\"url\": \"https://git.kernel.org/stable/c/66d9111f3517f85ef2af0337ece02683ce0faf21\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbpf: Detect IP == ksym.end as part of BPF program\\n\\nNow that bpf_throw kfunc is the first such call instruction that has\\nnoreturn semantics within the verifier, this also kicks in dead code\\nelimination in unprecedented ways. For one, any instruction following\\na bpf_throw call will never be marked as seen. Moreover, if a callchain\\nends up throwing, any instructions after the call instruction to the\\neventually throwing subprog in callers will also never be marked as\\nseen.\\n\\nThe tempting way to fix this would be to emit extra \u0027int3\u0027 instructions\\nwhich bump the jited_len of a program, and ensure that during runtime\\nwhen a program throws, we can discover its boundaries even if the call\\ninstruction to bpf_throw (or to subprogs that always throw) is emitted\\nas the final instruction in the program.\\n\\nAn example of such a program would be this:\\n\\ndo_something():\\n\\t...\\n\\tr0 = 0\\n\\texit\\n\\nfoo():\\n\\tr1 = 0\\n\\tcall bpf_throw\\n\\tr0 = 0\\n\\texit\\n\\nbar(cond):\\n\\tif r1 != 0 goto pc+2\\n\\tcall do_something\\n\\texit\\n\\tcall foo\\n\\tr0 = 0 // Never seen by verifier\\n\\texit\\t//\\n\\nmain(ctx):\\n\\tr1 = ...\\n\\tcall bar\\n\\tr0 = 0\\n\\texit\\n\\nHere, if we do end up throwing, the stacktrace would be the following:\\n\\nbpf_throw\\nfoo\\nbar\\nmain\\n\\nIn bar, the final instruction emitted will be the call to foo, as such,\\nthe return address will be the subsequent instruction (which the JIT\\nemits as int3 on x86). This will end up lying outside the jited_len of\\nthe program, thus, when unwinding, we will fail to discover the return\\naddress as belonging to any program and end up in a panic due to the\\nunreliable stack unwinding of BPF programs that we never expect.\\n\\nTo remedy this case, make bpf_prog_ksym_find treat IP == ksym.end as\\npart of the BPF program, so that is_bpf_text_address returns true when\\nsuch a case occurs, and we are able to unwind reliably when the final\\ninstruction ends up being a call instruction.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.202\", \"versionStartIncluding\": \"4.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.140\", \"versionStartIncluding\": \"4.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.64\", \"versionStartIncluding\": \"4.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.5.13\", \"versionStartIncluding\": \"4.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.3\", \"versionStartIncluding\": \"4.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.7\", \"versionStartIncluding\": \"4.11\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-01-05T10:17:40.904Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-52828\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-05T10:17:40.904Z\", \"dateReserved\": \"2024-05-21T15:19:24.251Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-21T15:31:31.501Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…