Back to bug 2155947
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Michael Kaplan | 2022-12-23 02:02:25 UTC | Depends On | 2155953 | |
| Sandipan Roy | 2022-12-23 09:45:54 UTC | CC | saroy | |
| Sandipan Roy | 2022-12-23 09:50:02 UTC | Fixed In Version | kernel 5.15-rc1 | |
| Sandipan Roy | 2022-12-23 09:54:56 UTC | Fixed In Version | kernel 5.15-rc1 | kernel 6.0-rc1 |
| Sandipan Roy | 2022-12-23 10:09:04 UTC | Comment | 4 | updated |
| Sandipan Roy | 2022-12-23 10:11:20 UTC | Depends On | 2155995, 2155994, 2155996, 2155997 | |
| Sandipan Roy | 2022-12-23 10:24:42 UTC | Doc Text | A denial-of-service problem was observed while handling SMB2_TREE_CONNECT commands in CIFS Filesystem in the Linux Kernel. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. | |
| Mauro Matteo Cascella | 2022-12-23 11:11:06 UTC | CC | bdettelb | |
| Sandipan Roy | 2022-12-23 17:10:31 UTC | Alias | CVE-2022-47938 | |
| Summary | kernel: Improper input validation in handling of SMB2_TREE_CONNECT command can result in Out-Of-Bounds read which could result in DoS | CVE-2022-47938 kernel: Improper input validation in handling of SMB2_TREE_CONNECT command can result in Out-Of-Bounds read which could result in DoS | ||
| Sandipan Roy | 2022-12-23 17:13:40 UTC | Alias | ZDI-22-1689 | |
| Paige Jung | 2022-12-23 17:40:09 UTC | Doc Text | A denial-of-service problem was observed while handling SMB2_TREE_CONNECT commands in CIFS Filesystem in the Linux Kernel. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. | A denial-of-service flaw was found in the Linux Kernel while handling SMB2_TREE_CONNECT commands in CIFS Filesystem. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to create a denial-of-service condition in the system. |
| Patrick Chiang | 2022-12-30 05:18:10 UTC | CC | cchiang | |
| Red Hat Bugzilla | 2022-12-31 23:35:20 UTC | CC | fhrbata | |
| Red Hat Bugzilla | 2023-04-01 08:40:44 UTC | CC | dhoward | |
| Mauro Matteo Cascella | 2023-04-28 16:39:09 UTC | Alias | ZDI-CAN-17818 | |
| Mauro Matteo Cascella | 2023-04-28 19:24:25 UTC | Summary | CVE-2022-47938 kernel: Improper input validation in handling of SMB2_TREE_CONNECT command can result in Out-Of-Bounds read which could result in DoS | CVE-2022-47938 kernel: improper input validation in handling of SMB2_TREE_CONNECT command can result in out-of-bounds read which could result in DoS |
| Red Hat Bugzilla | 2023-07-07 08:28:17 UTC | Assignee | security-response-team | nobody |
Back to bug 2155947