An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.
CPE | Name | Operator | Version |
---|---|---|---|
linux_kernel | ge | 5.16 | |
linux_kernel | lt | 5.18.18 | |
linux_kernel | ge | 5.19 | |
linux_kernel | lt | 5.19.2 | |
linux_kernel | ge | 5.15 | |
linux_kernel | lt | 5.15.62 |
www.openwall.com/lists/oss-security/2022/12/23/10
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.2
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f0541186e9ad1b62accc9519cc2b7a7240272a7
github.com/torvalds/linux/commit/8f0541186e9ad1b62accc9519cc2b7a7240272a7
www.zerodayinitiative.com/advisories/ZDI-22-1688/