CVE-2022-47942 — Out-of-bounds Write in Kernel

CWE-787 — Out-of-bounds Write CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents6 sources

Severity

8.8HIGHNVD

EPSS

1.0%

top 22.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Debian Linux Msrc Cbl2 Kernel 5.15.86.1-1 ON CBL Mariner 2.0

Timeline

PublishedDec 23

Description

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶NVDlinux/linux_kernel5.15 — 5.15.62+2

▶Debianlinux/linux_kernel< 5.19.6-1+2

▶debiandebian/linux< linux 5.19.6-1 (bookworm)

▶msrcmsrc/cbl2_kernel_5.15.86.1-1_on_cbl_mariner_2.0

Patches

Patch: git.kernel.org ↗Patch: github.com ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-g2h7-7gvv-x89v: An issue was discovered in ksmbd in the Linux kernel before 5↗2022-12-23

▶

OSV

CVE-2022-47942: An issue was discovered in ksmbd in the Linux kernel 5↗2022-12-23

▶

📋Vendor Advisories

Red Hat

kernel: improper validation user-supplied data could lead in heap buffer overflow which can result in RCE↗2022-12-22

▶

Microsoft

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl related to use of SMB2_QUERY_INFO_HE after a malformed SMB↗2022-12-13

▶

Debian

CVE-2022-47942: linux - An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5....↗2022

▶