CVE-2023-52470 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088
https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1
https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41
https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb
https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4
https://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310
https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85
https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97
https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://nvd.nist.gov/vuln/detail/CVE-2023-52470
https://www.cve.org/CVERecord?id=CVE-2023-52470

History

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-02-25T08:16:33.636Z

Updated: 2024-09-11T17:33:45.635Z

Reserved: 2024-02-20T12:30:33.297Z

Link: CVE-2023-52470

Vulnrichment

Updated: 2024-09-11T12:42:18.512Z

NVD

Status : Modified

Published: 2024-02-26T16:27:48.820

Modified: 2024-06-27T13:15:53.093

Link: CVE-2023-52470

Redhat

Severity : Low

Publid Date: 2024-02-26T00:00:00Z

Links: CVE-2023-52470 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52470", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-20T12:30:33.297Z", "datePublished": "2024-02-25T08:16:33.636Z", "dateUpdated": "2024-09-11T17:33:45.635Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-28T19:50:01.946Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\n\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/radeon/radeon_display.c"], "versions": [{"version": "fa7f517cb26e", "lessThan": "21b164566071", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "5d12c5d75f7c", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "57ca7984806d", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "14bbfaa5df27", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "c4ff55408187", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "0b813a6a0087", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "fb2d8bc9b5e5", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "7a2464fac80d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/radeon/radeon_display.c"], "versions": [{"version": "3.16", "status": "affected"}, {"version": "0", "lessThan": "3.16", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.306", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.268", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.209", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.148", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.75", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.14", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41"}, {"url": "https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4"}, {"url": "https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb"}, {"url": "https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1"}, {"url": "https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85"}, {"url": "https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088"}, {"url": "https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97"}, {"url": "https://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "title": "drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:19.642Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52470", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:02:26.709108Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:45.635Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52470", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-20T12:30:33.297Z", "datePublished": "2024-02-25T08:16:33.636Z", "dateUpdated": "2024-08-02T23:03:19.642Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-28T19:50:01.946Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\n\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/radeon/radeon_display.c"], "versions": [{"version": "fa7f517cb26e", "lessThan": "21b164566071", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "5d12c5d75f7c", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "57ca7984806d", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "14bbfaa5df27", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "c4ff55408187", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "0b813a6a0087", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "fb2d8bc9b5e5", "status": "affected", "versionType": "git"}, {"version": "fa7f517cb26e", "lessThan": "7a2464fac80d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/radeon/radeon_display.c"], "versions": [{"version": "3.16", "status": "affected"}, {"version": "0", "lessThan": "3.16", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.306", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.268", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.209", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.148", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.75", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.14", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41"}, {"url": "https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4"}, {"url": "https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb"}, {"url": "https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1"}, {"url": "https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85"}, {"url": "https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088"}, {"url": "https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97"}, {"url": "https://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "title": "drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52470", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:02:26.709108Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-09-11T12:42:18.512Z"}, "title": "CISA ADP Vulnrichment"}]}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CCC29CC-47BF-4450-B416-B4D8D169DF0F", "versionEndExcluding": "4.19.306", "versionStartIncluding": "3.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "35ADF607-EDCA-45AB-8FB6-9F2D40D47C0C", "versionEndExcluding": "5.4.268", "versionStartIncluding": "4.20.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D2E4F24-2FBB-4434-8598-2B1499E566B5", "versionEndExcluding": "5.10.209", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E25E1389-4B0F-407A-9C94-5908FF3EE88B", "versionEndExcluding": "5.15.148", "versionStartIncluding": "5.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C4951FA-80C0-4B4C-9836-6E5035DEB0F9", "versionEndExcluding": "6.1.75", "versionStartIncluding": "5.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDBBEB0E-D13A-4567-8984-51C5375350B9", "versionEndExcluding": "6.6.14", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EA3778C-730B-464C-8023-18CA6AC0B807", "versionEndExcluding": "6.7.2", "versionStartIncluding": "6.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\n\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/radeon: verifique el valor de retorno de alloc_workqueue en radeon_crtc_init() verifique el valor de retorno de alloc_workqueue en radeon_crtc_init() para evitar null-ptr-deref."}], "id": "CVE-2023-52470", "lastModified": "2024-06-27T13:15:53.093", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-26T16:27:48.820", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: null-ptr-deref in alloc_workqueue", "id": "2266358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266358"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/radeon: check the alloc_workqueue return value in radeon_crtc_init()\ncheck the alloc_workqueue return value in radeon_crtc_init()\nto avoid null-ptr-deref.", "A NULL pointer dereference flaw was found in alloc_workqueue in the Linux Kernel. Check the alloc_workqueue return value in radeon_crtc_init() to avoid null-ptr-deref."], "name": "CVE-2023-52470", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52470\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52470\nhttps://git.kernel.org/stable/c/0b813a6a0087451cb702b6eb841f10856f49d088\nhttps://git.kernel.org/stable/c/14bbfaa5df273b26cde6707f6e655585700e6fe1\nhttps://git.kernel.org/stable/c/21b1645660717d6126dd4866c850fcc5c4703a41\nhttps://git.kernel.org/stable/c/57ca7984806d79b38af528de88fd803babf27feb\nhttps://git.kernel.org/stable/c/5d12c5d75f7c78b83a738025947651ec5c95b4d4\nhttps://git.kernel.org/stable/c/7a2464fac80d42f6f8819fed97a553e9c2f43310\nhttps://git.kernel.org/stable/c/c4ff55408187f2595066967047363ca84e76db85\nhttps://git.kernel.org/stable/c/fb2d8bc9b5e55848b8a7c3c028e2ee8d49f28f97"], "threat_severity": "Low"}