CVE-2022-0168 : LINUX KERNEL COMMON INTERNET FILE SYSTEM FS/CIFS/SMB2OPS.C SMB2_IOCTL_QUERY_INFO NULL POINTER DEREFERENCE

Description

A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.

References

https://access.redhat.com/security/cve/CVE-2022-0168

https://bugzilla.redhat.com/show_bug.cgi?id=2037386

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-42302 : VERITAS NETBACKUP UP TO 10.0 NBFSMCLIENT SERVICE SQL INJECTION

CVE-2022-42302 : VERITAS NETBACKUP UP TO 10.0 NBFSMCLIENT SERVICE SQL INJECTION

Description An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable

CVE-2022-39266 : ISOLATED-VM UP TO 4.3.6 API PROTECTION MECHANISM

CVE-2022-39266 : ISOLATED-VM UP TO 4.3.6 API PROTECTION MECHANISM

Description isolated-vm is a library for nodejs which gives the user access to v8’s Isolate interface. In versions 4.3.6 and

CVE-2022-34424 : DELL OS10 10.5.1.X/10.5.2.X/10.5.3.X OUT-OF-BOUNDS WRITE

CVE-2022-34424 : DELL OS10 10.5.1.X/10.5.2.X/10.5.3.X OUT-OF-BOUNDS WRITE

Description Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system