22 matches found
EUVD-2026-26517
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2ioctlqueryinfo QUERYINFO path smb2ioctlqueryinfo has two response-copy branches: PASSTHRUFSCTL and the default QUERYINFO path. The QUERYINFO branch clamps qi.inputbufferlength to the server-report...
EUVD-2022-54955
Malicious code in bioql PyPI...
SUSE CVE-2022-49271
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...
CVE-2022-49271
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...
CVE-2022-49271
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...
CVE-2022-49271 cifs: prevent bad output lengths in smb2_ioctl_query_info()
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...
CVE-2022-49271 cifs: prevent bad output lengths in smb2_ioctl_query_info()
In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an output length error in smb2ioctlqueryinfo that results in a null pointer dereference...
Oracle Linux 9 : kernel (ELSA-2022-8267)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8267 advisory. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Wander Lairson Costa 2116968 CVE-2022-2585 - fix race between exititimers and...
RHEL 9 : kernel (RHSA-2022:8267)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8267 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: off-path attacker may inject data or...
kernel: smb2_ioctl_query_info NULL pointer dereference
A denial of service DOS issue was found in the Linux kernel’s smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...
CVE-2022-0168
A denial of service DOS issue was found in the Linux kernel’s smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...
CVE-2022-0168
A denial of service DOS issue was found in the Linux kernel’s smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...
CVE-2022-0168
A denial of service DOS issue was found in the Linux kernel’s smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...
CVE-2022-0168
A denial of service DOS issue was found in the Linux kernel’s smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser function. This flaw allows a local, privileged CAPSYSADMIN attacker to crash the system...
SUSE-SU-2022:2177-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to privilege escalation. bsc1200019 - CVE-2019-19377: Fixed an user-after-free that could be triggered when an attacker mounts a crafted...
SUSE: Security Advisory (SUSE-SU-2022:2078-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GSD-2022-1001610 cifs: prevent bad output lengths in smb2_ioctl_query_info()
cifs: prevent bad output lengths in smb2ioctlqueryinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...
GSD-2022-1001302 cifs: prevent bad output lengths in smb2_ioctl_query_info()
cifs: prevent bad output lengths in smb2ioctlqueryinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
The vulnerability of the smb2_ioctl_query_info() function in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the smb2ioctlqueryinfo function fs/cifs/smb2ops.c in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...