kernel is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the smb2_ioctl_query_info
function of fs/cifs/smb2ops.c
, in Common Internet File System (CIFS) due to an incorrect return from the memdup_user
function. This flaw allows a local, privileged attacker to crash the system.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
access.redhat.com/errata/RHSA-2022:7444
access.redhat.com/errata/RHSA-2022:7683
access.redhat.com/errata/RHSA-2022:7933
access.redhat.com/errata/RHSA-2022:8267
access.redhat.com/security/cve/CVE-2022-0168
access.redhat.com/security/updates/classification/#moderate
access.redhat.com/solutions/6971358
bugzilla.redhat.com/show_bug.cgi?id=2037386
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880