CVE-2022-47938
Published: 23 December 2022
Summary
CVE-2022-47938 is a medium-severity out-of-bounds read (CWE-125) vulnerability in the Linux kernel. Its CVSS base score is 6.5 (Medium).
Operationally, it ranks in the top 6.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
The vulnerability is an out-of-bounds read (CWE-125) in the ksmbd kernel SMB server component, present in Linux kernels 5.15 through 5.19 prior to 5.19.2. It occurs in fs/ksmbd/smb2misc.c during processing of an SMB2_TREE_CONNECT request and results in an OOPS condition. The flaw carries a CVSS 3.1 score of 6.5, reflecting network attack vector, low complexity, and low required privileges.
An authenticated remote attacker can send a specially crafted SMB2_TREE_CONNECT packet to trigger the out-of-bounds read. Successful exploitation causes a kernel panic that denies service (high availability impact) while leaving confidentiality and integrity unaffected.
Advisories and patches indicate that the issue is resolved by applying the fix included in the 5.19.2 kernel release, available via the official ChangeLog and the referenced commit that corrects handling in smb2misc.c. Organizations are advised to update affected kernels promptly; additional context appears in the Zero Day Initiative advisory ZDI-22-1689 and the oss-security mailing list posting.
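A host-triage check for the affected range stated above, added here as an example and not taken from the kernel project or the referenced advisories. The function names `in_affected_range` and `ksmbd_state` are hypothetical, and the comparison assumes upstream version numbering, so a vendor kernel that reports an in-range version may already carry a backported fix.

```shell
#!/bin/sh
# Added example: compare a kernel release string with the range on this page
# (5.15 through 5.19 before 5.19.2) and report whether ksmbd is in use.

# Return 0 if in range, 1 if outside it, 2 if the string cannot be parsed.
in_affected_range() {
    v=${1%%-*}                      # drop "-generic", "-rc3", ...
    v=${v%%+*}
    major=${v%%.*}
    rest=${v#*.}
    if [ "$rest" = "$v" ]; then rest=0; fi      # no minor component given
    minor=${rest%%.*}
    patch=${rest#*.}
    if [ "$patch" = "$rest" ]; then patch=0; fi # "5.15" means 5.15.0
    patch=${patch%%.*}
    for n in "$major" "$minor" "$patch"; do
        case "$n" in
            ''|*[!0-9]*) return 2 ;;            # refuse to guess
        esac
    done
    [ "$major" -eq 5 ] || return 1
    [ "$minor" -ge 15 ] || return 1
    [ "$minor" -le 19 ] || return 1
    if [ "$minor" -eq 19 ] && [ "$patch" -ge 2 ]; then return 1; fi
    return 0
}

# Print "loaded", "available" or "absent" for the ksmbd module.
# $1 is the sysfs module directory (default /sys/module); covers module builds.
ksmbd_state() {
    if [ -d "${1:-/sys/module}/ksmbd" ]; then
        echo loaded
    elif modinfo ksmbd >/dev/null 2>&1; then
        echo available
    else
        echo absent
    fi
}

kernel_rel=$(uname -r)
if in_affected_range "$kernel_rel"; then
    verdict="inside the stated range, check the vendor advisory"
else
    verdict="outside the stated range or not parseable"
fi
echo "kernel $kernel_rel: $verdict; ksmbd: $(ksmbd_state)"
```

A host is only exposed through this flaw when ksmbd is actually serving SMB, so an in-range kernel with ksmbd reported as absent is a lower patching priority than one where it is loaded.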
The EPSS score has remained flat at 0.1048 with no material increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-50671
Vulnerability details
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.