Lucene search
Ubuntu.comUB:CVE-2022-47943HistoryDec 23, 2022 - 12:00 a.m.
CVE-2022-47943
2022-12-2300:00:00
ubuntu.com
ubuntu.com
55
linux kernel
out-of-bounds read
oops
smb2_write
ksmbd
vulnerability
enabled service
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.002 Low
EPSS
Percentile
59.2%
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19
before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when
there is a large length in the zero DataOffset case.
Notes
| Author | Note |
|---|---|
| sbeattie | to be vulnerable, need ksmbd-tools installed to enable the ksmbd service, which is not installed by default. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 22.04 | noarch | linux | < 5.15.0-53.59 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1023.27 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1023.27~20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-azure | < 5.15.0-1023.29 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure-5.15 | < 5.15.0-1023.29~20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-azure-fde | < 5.15.0-1024.30.1 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure-fde-5.15 | < 5.15.0-1029.36~20.04.1.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-gcp | < 5.15.0-1022.29 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-gcp-5.15 | < 5.15.0-1022.29~20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-gke | < 5.15.0-1020.25 | UNKNOWN |
Related
cbl_mariner
cbl_mariner
CVE-2022-47943 affecting package kernel for versions less than 5.15.86.1-1
2023-01-17 16:47:16
prion
prion
Out-of-bounds
2022-12-23 17:15:00
redhatcve
redhatcve
CVE-2022-47943
2022-12-26 14:34:48
zdi
zdi
Linux Kernel ksmbd Out-Of-Bounds Read Information Disclosure Vulnerability
2023-01-23 00:00:00
cvelist
cvelist
CVE-2022-47943
2022-12-23 00:00:00
nvd
nvd
CVE-2022-47943
2022-12-23 17:15:08
debiancve
debiancve
CVE-2022-47943
2022-12-23 17:15:08
cve
cve
CVE-2022-47943
2022-12-23 17:15:08
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2022-47943)
2023-03-20 00:00:00
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.002 Low
EPSS
Percentile
59.2%
Related for UB:CVE-2022-47943