{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-46303", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.111Z", "datePublished": "2026-06-08T15:46:30.642Z", "dateUpdated": "2026-06-14T18:07:47.782Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-14T18:07:47.782Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: validate Rock Ridge CE continuation extent against volume size\n\nrock_continue() reads rs->cont_extent verbatim from the Rock Ridge CE\nrecord and passes it to sb_bread() without checking that the block\nnumber is within the mounted ISO 9660 volume. commit e595447e177b\n(\"[PATCH] rock.c: handle corrupted directories\") added cont_offset\nand cont_size rejection for the CE continuation but did not validate\nthe extent block number itself. commit f54e18f1b831 (\"isofs: Fix\ninfinite looping over CE entries\") later capped the CE chain length\nat RR_MAX_CE_ENTRIES = 32 but again left the block number unchecked.\n\nWith a crafted ISO mounted via udisks2 (desktop optical auto-mount)\nor via CAP_SYS_ADMIN mount, rs->cont_extent can therefore point at\nan out-of-range block or at blocks belonging to an adjacent\nfilesystem on the same block device. sb_bread() on an out-of-range\nblock returns NULL cleanly via the block layer EIO path, so there\nis no memory-safety violation. For in-range reads of adjacent-\nfilesystem data, the CE buffer is parsed as Rock Ridge records and\nonly the text of SL sub-records reaches userspace through\nreadlink(), which makes the info-leak channel narrow and difficult\nto exploit; still, rejecting the malformed CE outright matches the\nrejection shape already present in the same function for\ncont_offset and cont_size.\n\nAdd an ISOFS_SB(sb)->s_nzones bounds check to rock_continue() next\nto the existing offset/size rejection, printing the same\ncorrupted-directory-entry notice."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "baseScore": 8.2, "baseSeverity": "HIGH"}}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/isofs/rock.c"], "versions": [{"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d", "lessThan": "8356fb821016797f5677cbeee5ddc0d32a95b4be", "status": "affected", "versionType": "git"}, {"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d", "lessThan": "d582e12378bc1637f337622feef762f53c43fd57", "status": "affected", "versionType": "git"}, {"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d", "lessThan": "bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9", "status": "affected", "versionType": "git"}, {"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d", "lessThan": "c9b37c8b73f6368e4750e5ccb0632c380b43c6e5", "status": "affected", "versionType": "git"}, {"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d", "lessThan": "22b36fa081f38ab397c7697f9d539211b51a0cfc", "status": "affected", "versionType": "git"}, {"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d", "lessThan": "e69da8eeab74b4f4505024c38a17bce060fe7df8", "status": "affected", "versionType": "git"}, {"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d", "lessThan": "ef048470c90bc8c1b8318bb2ce329da9ef64b9fe", "status": "affected", "versionType": "git"}, {"version": "f54e18f1b831c92f6512d2eedb224cd63d607d3d", "lessThan": "a36d990f591320e9dd379ab30063ebfe91d47e1f", "status": "affected", "versionType": "git"}, {"version": "08313e26e06d4aa9ce1cbba1a8e359e9cab9ad56", "status": "affected", "versionType": "git"}, {"version": "212c4d33ca83e2144064fe9c2911607fbed5386f", "status": "affected", "versionType": "git"}, {"version": "96e44adce250199ec9b2b928be66365779ff1b59", "status": "affected", "versionType": "git"}, {"version": "1fe5620fcd6c2f0a4a927ee10c8e53196da392f3", "status": "affected", "versionType": "git"}, {"version": "fbce0d7dc8965c9fb8d411862040239d4a768c71", "status": "affected", "versionType": "git"}, {"version": "8190393a88f2b0321263a54f2a9eb5a2aa43be7e", "status": "affected", "versionType": "git"}, {"version": "486aa789eadcf44ed87f972b209299c516454693", "status": "affected", "versionType": "git"}, {"version": "b6d20edb6e7cedb4eedb9e0193d20dd488ebae84", "status": "affected", "versionType": "git"}, {"version": "2.6.32.66", "lessThan": "2.6.33", "status": "affected", "versionType": "semver"}, {"version": "3.2.67", "lessThan": "3.3", "status": "affected", "versionType": "semver"}, {"version": "3.4.107", "lessThan": "3.5", "status": "affected", "versionType": "semver"}, {"version": "3.10.64", "lessThan": "3.11", "status": "affected", "versionType": "semver"}, {"version": "3.12.36", "lessThan": "3.13", "status": "affected", "versionType": "semver"}, {"version": "3.14.28", "lessThan": "3.15", "status": "affected", "versionType": "semver"}, {"version": "3.17.8", "lessThan": "3.18", "status": "affected", "versionType": "semver"}, {"version": "3.18.2", "lessThan": "3.19", "status": "affected", "versionType": "semver"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/isofs/rock.c"], "versions": [{"version": "3.19", "status": "affected"}, {"version": "0", "lessThan": "3.19", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.258", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.209", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.175", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.140", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.88", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.30", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.7", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "5.10.258"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "5.15.209"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "6.1.175"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "6.6.140"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "6.12.88"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "6.18.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "7.0.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.19", "versionEndExcluding": "7.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.32.66"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2.67"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.4.107"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.10.64"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.12.36"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.14.28"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.17.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.18.2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8356fb821016797f5677cbeee5ddc0d32a95b4be"}, {"url": "https://git.kernel.org/stable/c/d582e12378bc1637f337622feef762f53c43fd57"}, {"url": "https://git.kernel.org/stable/c/bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9"}, {"url": "https://git.kernel.org/stable/c/c9b37c8b73f6368e4750e5ccb0632c380b43c6e5"}, {"url": "https://git.kernel.org/stable/c/22b36fa081f38ab397c7697f9d539211b51a0cfc"}, {"url": "https://git.kernel.org/stable/c/e69da8eeab74b4f4505024c38a17bce060fe7df8"}, {"url": "https://git.kernel.org/stable/c/ef048470c90bc8c1b8318bb2ce329da9ef64b9fe"}, {"url": "https://git.kernel.org/stable/c/a36d990f591320e9dd379ab30063ebfe91d47e1f"}], "title": "isofs: validate Rock Ridge CE continuation extent against volume size", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: validate Rock Ridge CE continuation extent against volume size\n\nrock_continue() reads rs->cont_extent verbatim from the Rock Ridge CE\nrecord and passes it to sb_bread() without checking that the block\nnumber is within the mounted ISO 9660 volume. commit e595447e177b\n(\"[PATCH] rock.c: handle corrupted directories\") added cont_offset\nand cont_size rejection for the CE continuation but did not validate\nthe extent block number itself. commit f54e18f1b831 (\"isofs: Fix\ninfinite looping over CE entries\") later capped the CE chain length\nat RR_MAX_CE_ENTRIES = 32 but again left the block number unchecked.\n\nWith a crafted ISO mounted via udisks2 (desktop optical auto-mount)\nor via CAP_SYS_ADMIN mount, rs->cont_extent can therefore point at\nan out-of-range block or at blocks belonging to an adjacent\nfilesystem on the same block device. sb_bread() on an out-of-range\nblock returns NULL cleanly via the block layer EIO path, so there\nis no memory-safety violation. For in-range reads of adjacent-\nfilesystem data, the CE buffer is parsed as Rock Ridge records and\nonly the text of SL sub-records reaches userspace through\nreadlink(), which makes the info-leak channel narrow and difficult\nto exploit; still, rejecting the malformed CE outright matches the\nrejection shape already present in the same function for\ncont_offset and cont_size.\n\nAdd an ISOFS_SB(sb)->s_nzones bounds check to rock_continue() next\nto the existing offset/size rejection, printing the same\ncorrupted-directory-entry notice."}], "id": "CVE-2026-46303", "lastModified": "2026-06-14T06:16:23.533", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "type": "Secondary"}]}, "published": "2026-06-08T17:16:48.853", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/22b36fa081f38ab397c7697f9d539211b51a0cfc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8356fb821016797f5677cbeee5ddc0d32a95b4be"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a36d990f591320e9dd379ab30063ebfe91d47e1f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c9b37c8b73f6368e4750e5ccb0632c380b43c6e5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d582e12378bc1637f337622feef762f53c43fd57"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e69da8eeab74b4f4505024c38a17bce060fe7df8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ef048470c90bc8c1b8318bb2ce329da9ef64b9fe"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: isofs: validate Rock Ridge CE continuation extent against volume size", "id": "2486471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486471"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nisofs: validate Rock Ridge CE continuation extent against volume size\nrock_continue() reads rs->cont_extent verbatim from the Rock Ridge CE\nrecord and passes it to sb_bread() without checking that the block\nnumber is within the mounted ISO 9660 volume. commit e595447e177b\n(\"[PATCH] rock.c: handle corrupted directories\") added cont_offset\nand cont_size rejection for the CE continuation but did not validate\nthe extent block number itself. commit f54e18f1b831 (\"isofs: Fix\ninfinite looping over CE entries\") later capped the CE chain length\nat RR_MAX_CE_ENTRIES = 32 but again left the block number unchecked.\nWith a crafted ISO mounted via udisks2 (desktop optical auto-mount)\nor via CAP_SYS_ADMIN mount, rs->cont_extent can therefore point at\nan out-of-range block or at blocks belonging to an adjacent\nfilesystem on the same block device. sb_bread() on an out-of-range\nblock returns NULL cleanly via the block layer EIO path, so there\nis no memory-safety violation. For in-range reads of adjacent-\nfilesystem data, the CE buffer is parsed as Rock Ridge records and\nonly the text of SL sub-records reaches userspace through\nreadlink(), which makes the info-leak channel narrow and difficult\nto exploit; still, rejecting the malformed CE outright matches the\nrejection shape already present in the same function for\ncont_offset and cont_size.\nAdd an ISOFS_SB(sb)->s_nzones bounds check to rock_continue() next\nto the existing offset/size rejection, printing the same\ncorrupted-directory-entry notice.", "A flaw was found in the Linux kernel's isofs filesystem. This vulnerability allows a local attacker, by mounting a specially crafted ISO image, to read data beyond the boundaries of the intended ISO 9660 volume. This out-of-bounds read could lead to information disclosure, potentially exposing sensitive data from adjacent filesystems on the same block device."], "mitigation": {"lang": "en:us", "value": "To reduce exposure, restrict the ability of untrusted users to mount ISO images. If the `isofs` kernel module is not essential for system operation, it can be prevented from loading.\nTo blacklist the `isofs` module:\n1. Create or edit `/etc/modprobe.d/blacklist-isofs.conf` and add:\n```\nblacklist isofs\ninstall isofs /bin/true\n```\n2. Regenerate the initramfs to apply the change:\n```bash\ndracut -f -v\n```\n3. A system reboot is required for this change to take full effect. This action may affect functionality requiring ISO 9660 filesystem mounts."}, "name": "CVE-2026-46303", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-46303\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-46303\nhttps://lore.kernel.org/linux-cve-announce/2026060859-CVE-2026-46303-d951@gregkh/T"], "statement": "This Moderate flaw in the Linux kernel's isofs filesystem allows a local attacker to disclose information. Exploitation requires local access and the ability to mount a specially crafted ISO image, which could occur via `CAP_SYS_ADMIN` or through desktop auto-mount features like `udisks2`. This could expose sensitive data from adjacent filesystems on the same block device.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f54e18f1b831c92f6512d2eedb224cd63d607d3d,8356fb821016797f5677cbeee5ddc0d32a95b4be)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f54e18f1b831c92f6512d2eedb224cd63d607d3d,d582e12378bc1637f3377cbeee5ddc0d32a95b4be)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f54e18f1b831c92f6512d2eedb224cd63d607d3d,bf1bc673c587f5ef7e9c09b94aea7c5a7847d9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f54e18f1b831c92f6512d2eedb224cd63d607d3d,c9b37c8b73f6368e4750e5ccb0632c380b43c6e5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f54e18f1b831c92f6512d2eedb224cd63d607d3d,22b36fa081f38ab397c7697f9d539211b51a0cfc)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f54e18f1b831c92f6512d2eedb224cd63d607d3d,e69da8eeab74b4f4505024c38a17bce060fe7df8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f54e18f1b831c92f6512d2eedb224cd63d607d3d,ef048470c90bc8c1b8318bb2ce329da9ef64b9fe)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f54e18f1b831c92f6512d2eedb224cd63d607d3d,a36d990f591320e9dd379ab30063ebfe91d47e1f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "08313e26e06d4aa9ce1cbba1a8e359e9cab9ad56"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "212c4d33ca83e2144064fe9c2911607fbed5386f"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "96e44adce250199ec9b2b928be66365779ff1b59"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "1fe5620fcd6c2f0a4a927ee10c8e53196da392f3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "fbce0d7dc8965c9fb8d411862040239d4a768c71"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "8190393a88f2b0321263a54f2a9eb5a2aa43be7e"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "486aa789eadcf44ed87f972b209299c516454693"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "b6d20edb6e7cedb4eedb9e0193d20dd488ebae84"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.6.32.66,2.6.33)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.2.67,3.3.0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.4.107,3.5.0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.10.64,3.11.0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.12.36,3.13.0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.14.28,3.15.0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.17.8,3.18.0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.18.2,3.19.0)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.19"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,3.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.10.258,5.11.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[5.15.209,5.16.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.1.175,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.6.140,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.88,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.30,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0.7,7.1.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.1-rc2,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-06-08T19:15:30.974835+00:00", "updated": "2026-06-24T11:45:02.865640+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}