Lucene search
Ubuntu.comUB:CVE-2022-47938HistoryDec 23, 2022 - 12:00 a.m.
CVE-2022-47938
2022-12-2300:00:00
ubuntu.com
ubuntu.com
44
ksmbd
linux kernel
out-of-bounds read
oops
smb2_tree_connect
file sharing
service enablement
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
59.8%
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19
before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for
SMB2_TREE_CONNECT.
Notes
| Author | Note |
|---|---|
| sbeattie | needs ksmbd-tools installed to enable the service, which is not installed by default. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 22.04 | noarch | linux | < 5.15.0-53.59 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1023.27 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1023.27~20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-azure | < 5.15.0-1023.29 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure-5.15 | < 5.15.0-1023.29~20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-azure-fde | < 5.15.0-1024.30.1 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-azure-fde-5.15 | < 5.15.0-1029.36~20.04.1.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-gcp | < 5.15.0-1022.29 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-gcp-5.15 | < 5.15.0-1022.29~20.04.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | linux-gke | < 5.15.0-1020.25 | UNKNOWN |
Related
redhatcve
redhatcve
CVE-2022-47938
2022-12-23 17:34:52
nvd
nvd
CVE-2022-47938
2022-12-23 16:15:12
zdi
zdi
Linux Kernel ksmbd Out-Of-Bounds Read Denial-of-Service Vulnerability
2022-12-22 00:00:00
cvelist
cvelist
CVE-2022-47938
2022-12-23 00:00:00
prion
prion
Design/Logic Flaw
2022-12-23 16:15:00
cbl_mariner
cbl_mariner
CVE-2022-47938 affecting package kernel for versions less than 5.15.86.1-1
2023-01-17 16:47:16
debiancve
debiancve
CVE-2022-47938
2022-12-23 16:15:12
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2022-47938)
2023-03-20 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel kmsbd multiple vulnerabilities
2023-01-11 00:00:00
RHEL 7 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00
cve
cve
CVE-2022-47938
2022-12-23 16:15:12
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
59.8%
Related for UB:CVE-2022-47938