Date: Sat, 31 Dec 2022 16:05:59 +0100 From: Marcus Meissner <meissner@...e.de> To: oss-security@...ts.openwall.com Subject: Re: Details on this supposed Linux Kernel ksmbd RCE Hi, I made a small mistake in this email, (CVE db is correct). On Fri, Dec 23, 2022 at 05:21:29PM +0100, Marcus Meissner wrote: > Hi, > > Mitre has assigned following CVEs, also torvalds mainline commits: > > ZDI-22-1691 - CVE-2022-47940 > 158a66b245739e15858de42c0ba60fcf3de9b8e6 should be: > ZDI-22-1691 - CVE-2022-47943 > ac60778b87e45576d7bfdbd6f53df902654e6f09 and this > Mitre assigned also from the stable patch, but was not in ZDI set - CVE-2022-47943 > ac60778b87e45576d7bfdbd6f53df902654e6f09 should be: > Mitre assigned also from the stable patch, but was not in ZDI set - CVE-2022-47940 > 158a66b245739e15858de42c0ba60fcf3de9b8e6 so basically I had CVE-2022-47940 and CVE-2022-47943 switched. Sorry for this mistake. Ciao, Marcus > (I did not request that in my batch, Mitre seemed to have > picked this from the stable patch.) > > I mistakenly declared 5.13-5.19 affectedness to Mitre in a hurry, > but it is more 5.15 - 5.18.x / 5.19.x > > Ciao, Marcus > > > On Thu, Dec 22, 2022 at 04:49:04PM -0500, Jan Schaumann wrote: > > Josh Bressers <josh@...ss.net> wrote: > > > > > I was wondering if anyone on the list has additional details about this ZDI > > > advisory > > > https://www.zerodayinitiative.com/advisories/ZDI-22-1690/ > > > > > > There aren't many usable details at the moment > > > > Agreed. > > > > The advisories link to a changelog in > > https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.61 > > but it's unclear (to me) whether that implies v6.x > > kernels are not affected? > > > > Note also that this disclosure is accompanied by a few > > others: > > > > Authenticated remote information disclosure: > > https://www.zerodayinitiative.com/advisories/ZDI-22-1691/ > > > > Unauthenticated remote DoS: > > https://www.zerodayinitiative.com/advisories/ZDI-22-1687/ > > > > Authenticated RCE: > > https://www.zerodayinitiative.com/advisories/ZDI-22-1688/ > > > > Authenticated DoS: > > https://www.zerodayinitiative.com/advisories/ZDI-22-1689/ > > > > Lastly, given that this is a coordinated disclosure, > > I don't know why there are no CVE IDs reserved for > > these. > > > > -Jan > > -- > Marcus Meissner (he/him), Distinguished Engineer / Senior Project Manager Security > SUSE Software Solutions Germany GmbH, Frankenstrasse 146, 90461 Nuernberg, Germany > GF: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman, HRB 36809, AG Nuernberg -- Marcus Meissner (he/him), Distinguished Engineer / Senior Project Manager Security SUSE Software Solutions Germany GmbH, Frankenstrasse 146, 90461 Nuernberg, Germany GF: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman, HRB 36809, AG Nuernberg
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.