Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 23 Dec 2022 17:21:29 +0100
From: Marcus Meissner <>
Subject: Re: Details on this supposed Linux Kernel ksmbd RCE


Mitre has assigned following CVEs, also torvalds mainline commits:

ZDI-22-1687 - CVE-2022-47941
ZDI-22-1688 - CVE-2022-47942
ZDI-22-1689 - CVE-2022-47938
ZDI-22-1690 - CVE-2022-47939
ZDI-22-1691 - CVE-2022-47940

Mitre assigned also from the stable patch, but was not in ZDI set - CVE-2022-47943

	(I did not request that in my batch, Mitre seemed to have
	picked this from the stable patch.)

I mistakenly declared 5.13-5.19 affectedness to Mitre in a hurry,
but it is more 5.15 - 5.18.x / 5.19.x

Ciao, Marcus

On Thu, Dec 22, 2022 at 04:49:04PM -0500, Jan Schaumann wrote:
> Josh Bressers <> wrote:
> > I was wondering if anyone on the list has additional details about this ZDI
> > advisory
> >
> > 
> > There aren't many usable details at the moment
> Agreed.
> The advisories link to a changelog in
> but it's unclear (to me) whether that implies v6.x
> kernels are not affected?
> Note also that this disclosure is accompanied by a few
> others:
> Authenticated remote information disclosure:
> Unauthenticated remote DoS:
> Authenticated RCE:
> Authenticated DoS:
> Lastly, given that this is a coordinated disclosure,
> I don't know why there are no CVE IDs reserved for
> these.
> -Jan

Marcus Meissner (he/him), Distinguished Engineer / Senior Project Manager Security
SUSE Software Solutions Germany GmbH, Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman, HRB 36809, AG Nuernberg

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.