CVE-2022-0168

Description

A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://access.redhat.com/errata/RHSA-2022:7933
• https://bugzilla.redhat.com/1980646
• https://bugzilla.redhat.com/2037386
• https://bugzilla.redhat.com/2051444
• https://bugzilla.redhat.com/2052312
• https://bugzilla.redhat.com/2053632
• https://bugzilla.redhat.com/2058395
• https://bugzilla.redhat.com/2059928
• https://bugzilla.redhat.com/2066614
• https://bugzilla.redhat.com/2066706
• https://bugzilla.redhat.com/2066819
• https://bugzilla.redhat.com/2070205
• https://bugzilla.redhat.com/2071022
• https://bugzilla.redhat.com/2073064
• https://bugzilla.redhat.com/2074208
• https://bugzilla.redhat.com/2084125
• https://bugzilla.redhat.com/2084183
• https://bugzilla.redhat.com/2084479
• https://bugzilla.redhat.com/2088021
• https://bugzilla.redhat.com/2089815
• https://bugzilla.redhat.com/2090226
• https://bugzilla.redhat.com/2090237
• https://bugzilla.redhat.com/2090240
• https://bugzilla.redhat.com/2090241
• https://bugzilla.redhat.com/2103148

💬 Discuss CVE-2022-0168 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.