Log

CVE-2022-47941 created at 22 Mar 2023 13:05:49
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ memory leak in smb2_handle_negotiate() under error conditions
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aa7253c2393f6dcd6a1468b0792f6da76edad917
+ https://kernel.dance/#CVE-2022-47941
Notes
CVE-2022-47939 created at 22 Mar 2023 12:36:43
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ use-after-free in smb2_tree_disconnect) when a danging pointer is accessed in compound requests
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf6531d98190fa2cf92a6d8bbc8af0a4740a223c
+ https://kernel.dance/#CVE-2022-47939
Notes
CVE-2022-47938 created at 22 Mar 2023 12:24:57
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ out of bound read in smb2_tree_connnect
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=824d4f64c20093275f72fc8101394d75ff6a249e
+ https://kernel.dance/#CVE-2022-47938
Notes
CVE-2022-47940 created at 22 Mar 2023 12:00:40
Severity
+ Unknown
Remote
+ Unknown
Type
+ Insufficient validation
Description
+ smb2_write() and smb2_write_pipe do not avlidate the length when no padding is used
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=158a66b245739e15858de42c0ba60fcf3de9b8e6
+ https://kernel.dance/#CVE-2022-47940
Notes
CVE-2022-3028 created at 22 Mar 2023 11:55:02
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ race-condition with xfrm_probe_algs() in net/key/af_key.c
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ba953a9d89a00c078b85f4b190bc1dde66fe16b5
+ https://kernel.dance/#CVE-2022-3028
Notes
CVE-2022-3239 created at 22 Mar 2023 11:50:07
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c08eadca1bdfa099e20a32f8fa4b52b2f672236d
+ https://kernel.dance/#CVE-2022-3239
Notes
CVE-2022-41218 created at 22 Mar 2023 09:01:32
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ use-after-free when dvb_demux_open() is called between the two syncs of dvbdev->users and dvr_dvbdev->users in dvb_dmxdev_release()
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fd3d91ab1c6ab0628fe642dd570b56302c30a792
+ https://kernel.dance/#CVE-2022-41218
Notes
CVE-2022-3586 created at 22 Mar 2023 08:49:38
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ potential use-after-free in sch_sfb enqueue()
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9efd23297cca530bb35e1848665805d3fcdd7889
+ https://kernel.dance/#CVE-2022-3586
Notes
CVE-2022-3646 created at 22 Mar 2023 08:37:50
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
+ memory leak when nilfs_attach_log_writer() fails to create a log writer thread
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d0d51a97063db4704a5ef6bc978dddab1636a306
+ https://kernel.dance/#CVE-2022-3646
Notes
CVE-2023-0394 edited at 22 Mar 2023 08:33:30
References
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb3e9864cdbe35ff6378966660edbcbac955fe17
https://kernel.dance/#CVE-2023-0394