CVE-2022-47938

Technical details are not publicly provided in the supplied documents. CVE-2022-47938 concerns ksmbd in the Linux kernel 5.15–5.19 before 5.19.2, with an out-of-bounds read during SMB2_TREE_CONNECT; monitor for updates.

CVE-2022-47943

Summary: CVE-2022-47943 affects the ksmbd component of the Linux kernel (versions 5.15–5.19 before 5.19.2). The flaw is an out-of-bounds read that can trigger an OOPS when handling SMB2_WRITE with a large length in the zero DataOffset case. Impact (as stated): potential kernel crash/denial of ser...

CVE-2022-47938

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2TREECONNECT...

CVE-2022-47943

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2WRITE, when there is a large length in the zero DataOffset case...

CVE-2022-47939

CVE-2022-47939 affects ksmbd in Linux kernel 5.15–5.19 (before 5.19.2). The issue is a use-after-free in fs/ksmbd/smb2pdu.c that can trigger an OOPS when handling SMB2_TREE_DISCONNECT. A fix was released with Linux kernel 5.19.2 (and later). Affected distributions referenced in Connected sources ...

CVE-2022-47939

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2TREEDISCONNECT...

Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5774-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5774-1 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential...

Denial Of Service (DoS)

Linux kernel’s KVM is vulnerable to denial of service. The vulnerability exists due to a NULL pointer dereference which allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...

kernel: KVM: NULL pointer dereference in kvm_irq_delivery_to_apic_fast()

A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...

kernel: KVM: NULL pointer dereference in kvm_dirty_ring_push in virt/kvm/dirty_ring.c

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...

GSD-2022-1006612 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup

s390/dasd: fix Oops in dasdaliasgetstartdev due to missing pavgroup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.330 by commit...

GSD-2022-1006608 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup

s390/dasd: fix Oops in dasdaliasgetstartdev due to missing pavgroup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.295 by commit...

GSD-2022-1006597 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup

s390/dasd: fix Oops in dasdaliasgetstartdev due to missing pavgroup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.215 by commit...

GSD-2022-1006580 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup

s390/dasd: fix Oops in dasdaliasgetstartdev due to missing pavgroup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.146 by commit...

GSD-2022-1006551 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup

s390/dasd: fix Oops in dasdaliasgetstartdev due to missing pavgroup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.71 by commit...

GSD-2022-1006465 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup

s390/dasd: fix Oops in dasdaliasgetstartdev due to missing pavgroup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0 by commit...

PT-2022-34860 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.25 through 4.19.259 Description: The issue is related to a potential security vulnerability in the Linux Kernel, specifically in the s390/dasd component. It is caused by an Oops in dasd alias get start dev due to a...

PT-2022-34766 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.12 Description: The issue is related to a potential security vulnerability in the Linux Kernel, specifically in the s390/dasd component. It is caused by a missing pavgroup, which can lead to an Oops in das...

GSD-2022-1006266 arm64: fix oops in concurrently setting insn_emulation sysctls

arm64: fix oops in concurrently setting insnemulation sysctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...

GSD-2022-1005903 arm64: fix oops in concurrently setting insn_emulation sysctls

arm64: fix oops in concurrently setting insnemulation sysctls This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...