
CVE-2022-47938

Published: 22 Dec 2022
Source: redhat
CVSS3: 6.5
EPSS: Low

Description

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.

A denial-of-service flaw was found in the Linux Kernel while handling SMB2_TREE_CONNECT commands in CIFS Filesystem. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to create a denial-of-service condition in the system.

Report

See https://access.redhat.com/solutions/6991749 for more information.

Mitigation

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | | |
| Red Hat Enterprise Linux 8 | kernel | Not affected | | |
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | | |
| Red Hat Enterprise Linux 9 | kernel | Not affected | | |
| Red Hat Enterprise Linux 9 | kernel-rt | Not affected | | |

Additional information

Status: Moderate
Defect: CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2155947 kernel: improper input validation in handling of SMB2_TREE_CONNECT command can result in out-of-bounds read which could result in DoS

EPSS

Percentile: 85%
0.02527
Low

CVSS3

6.5 Medium

Related vulnerabilities

CVSS3: 6.5
ubuntu
about 3 years ago

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.

CVSS3: 6.5
nvd
about 3 years ago

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.

CVSS3: 6.5
msrc
about 3 years ago

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.

CVSS3: 6.5
debian
about 3 years ago

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 ...

CVSS3: 6.5
github
about 3 years ago

An issue was discovered in ksmbd in the Linux kernel before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNNECT.
