ALT-PU-2022-2149-1
Package kernel-image-un-def updated to version 5.18.8-alt1 for branch sisyphus in task 302801.
Closed vulnerabilities
Published: 2022-12-23
BDU:2022-07480
Уязвимость функции smb2_write (fs/ksmbd/smb2pdu.c) модуля ksmbd ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Severity: HIGH (8.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
References:
Published: 2022-12-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-47940
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write.
Severity: HIGH (8.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
References:
- http://www.openwall.com/lists/oss-security/2022/12/23/10
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.18
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=158a66b245739e15858de42c0ba60fcf3de9b8e6
- https://github.com/torvalds/linux/commit/158a66b245739e15858de42c0ba60fcf3de9b8e6
- http://www.openwall.com/lists/oss-security/2022/12/23/10
- https://github.com/torvalds/linux/commit/158a66b245739e15858de42c0ba60fcf3de9b8e6
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=158a66b245739e15858de42c0ba60fcf3de9b8e6
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.18