CVE-2022-47942

CVSS V2 None CVSS V3 None
Description
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command.
Overview
  • CVE ID
  • CVE-2022-47942
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Undergoing Analysis
  • Published Version
  • 2022-12-23T16:15:12
  • Last Modified Date
  • 2023-01-23T18:54:51
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 1 OR 5.15 5.19.2
History
Created Old Value New Value Data Type Notes
2022-12-23 16:18:46 Added to TrackCVE
2022-12-23 17:15:46 2022-12-23T16:52:12 CVE Modified Date updated
2022-12-23 17:15:46 Received Awaiting Analysis Vulnerability Status updated
2022-12-23 20:15:30 2022-12-23T19:15:12 CVE Modified Date updated
2022-12-23 20:15:33 References updated
2022-12-25 23:15:27 2022-12-25T23:15:10 CVE Modified Date updated
2022-12-25 23:15:28 An issue was discovered in ksmbd in the Linux kernel before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE command. Description updated
2022-12-27 17:15:18 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-30 16:17:24 2022-12-30T15:48:56 CVE Modified Date updated
2022-12-30 16:17:25 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-30 16:17:26 Weakness Enumeration new
2022-12-30 16:17:28 CPE Information updated
2023-01-14 05:14:19 2023-01-14T04:15:11 CVE Modified Date updated
2023-01-14 05:14:19 Analyzed Modified Vulnerability Status updated
2023-01-14 05:14:21 References updated
2023-01-18 15:15:00 Modified Undergoing Analysis Vulnerability Status updated
2023-01-23 19:13:50 2023-01-23T18:54:51 CVE Modified Date updated
2023-01-23 19:13:50 Undergoing Analysis Analyzed Vulnerability Status updated
2023-04-11 07:13:21 Analyzed Undergoing Analysis Vulnerability Status updated