CVE-2022-0168: Null Pointer Dereference
First published: Wed Jan 05 2022(Updated: )
A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:4.18.0-425.3.1.rt7.213.el8 | 0:4.18.0-425.3.1.rt7.213.el8 |
| redhat/kernel | <0:4.18.0-425.3.1.el8 | 0:4.18.0-425.3.1.el8 |
| redhat/kernel | <0:5.14.0-162.6.1.el9_1 | 0:5.14.0-162.6.1.el9_1 |
| redhat/kernel-rt | <0:5.14.0-162.6.1.rt21.168.el9_1 | 0:5.14.0-162.6.1.rt21.168.el9_1 |
| Linux Linux kernel | <5.18 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =9.0 | |
| ubuntu/linux | <5.4.0-156.173 | 5.4.0-156.173 |
| ubuntu/linux | <5.15.0-35.36 | 5.15.0-35.36 |
| ubuntu/linux | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws | <5.4.0-1107.115 | 5.4.0-1107.115 |
| ubuntu/linux-aws | <5.15.0-1009.11 | 5.15.0-1009.11 |
| ubuntu/linux-aws | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-5.0 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-5.11 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-5.13 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-5.3 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-5.4 | <5.4.0-1107.115~18.04.1 | 5.4.0-1107.115~18.04.1 |
| ubuntu/linux-aws-5.4 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-5.8 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-fips | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-aws-hwe | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure | <5.15.0-1008.9 | 5.15.0-1008.9 |
| ubuntu/linux-azure | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-4.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-5.11 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-5.13 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-5.15 | <5.15.0-1008.9~20.04.1 | 5.15.0-1008.9~20.04.1 |
| ubuntu/linux-azure-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-5.3 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-5.4 | <5.4.0-1113.119~18.04.1 | 5.4.0-1113.119~18.04.1 |
| ubuntu/linux-azure-5.4 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-edge | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-fde | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-fde-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-azure-fips | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-bluefield | <5.4.0-1068.74 | 5.4.0-1068.74 |
| ubuntu/linux-bluefield | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-dell300x | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-fips | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp | <5.4.0-1110.119 | 5.4.0-1110.119 |
| ubuntu/linux-gcp | <5.15.0-1006.9 | 5.15.0-1006.9 |
| ubuntu/linux-gcp | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp-4.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp-5.11 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp-5.13 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp-5.3 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp-5.4 | <5.4.0-1110.119~18.04.1 | 5.4.0-1110.119~18.04.1 |
| ubuntu/linux-gcp-5.8 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gcp-fips | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gke | <5.4.0-1105.112 | 5.4.0-1105.112 |
| ubuntu/linux-gke | <5.15.0-1006.7 | 5.15.0-1006.7 |
| ubuntu/linux-gke | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gke-4.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gke-5.0 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gke-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gke-5.3 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gke-5.4 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gkeop | <5.4.0-1074.78 | 5.4.0-1074.78 |
| ubuntu/linux-gkeop | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gkeop-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-gkeop-5.4 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-hwe | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-hwe-5.11 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-hwe-5.13 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-hwe-5.15 | <5.15.0-41.44~20.04.1 | 5.15.0-41.44~20.04.1 |
| ubuntu/linux-hwe-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-hwe-5.4 | <5.4.0-156.173~18.04.1 | 5.4.0-156.173~18.04.1 |
| ubuntu/linux-hwe-5.4 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-hwe-5.8 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-hwe-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-hwe-edge | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-ibm | <5.4.0-1054.59 | 5.4.0-1054.59 |
| ubuntu/linux-ibm | <5.15.0-1005.5 | 5.15.0-1005.5 |
| ubuntu/linux-ibm | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-ibm-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-ibm-5.4 | <5.4.0-1054.59~18.04.1 | 5.4.0-1054.59~18.04.1 |
| ubuntu/linux-ibm-5.4 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-intel | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-intel-5.13 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-intel-iotg | <5.15.0-1008.11 | 5.15.0-1008.11 |
| ubuntu/linux-intel-iotg | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-intel-iotg-5.15 | <5.15.0-1008.11~20.04.1 | 5.15.0-1008.11~20.04.1 |
| ubuntu/linux-intel-iotg-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-iot | <5.4.0-1019.20 | 5.4.0-1019.20 |
| ubuntu/linux-iot | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-kvm | <5.4.0-1096.102 | 5.4.0-1096.102 |
| ubuntu/linux-kvm | <5.15.0-1008.8 | 5.15.0-1008.8 |
| ubuntu/linux-kvm | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-laptop | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-lowlatency | <5.15.0-35.36 | 5.15.0-35.36 |
| ubuntu/linux-lowlatency | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-lowlatency-hwe-5.15 | <5.15.0-42.45~20.04.1 | 5.15.0-42.45~20.04.1 |
| ubuntu/linux-lowlatency-hwe-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-lowlatency-hwe-5.19 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-lowlatency-hwe-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-lts-xenial | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-nvidia | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-nvidia-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-nvidia-6.8 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-nvidia-lowlatency | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-5.10 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-5.13 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-5.14 | <5.14.0-1036.40 | 5.14.0-1036.40 |
| ubuntu/linux-oem-5.17 | <5.17.0-1004.4 | 5.17.0-1004.4 |
| ubuntu/linux-oem-5.17 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-5.6 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-6.0 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-6.1 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-6.8 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oem-osp1 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oracle | <5.4.0-1106.115 | 5.4.0-1106.115 |
| ubuntu/linux-oracle | <5.15.0-1007.9 | 5.15.0-1007.9 |
| ubuntu/linux-oracle | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oracle-5.0 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oracle-5.11 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oracle-5.13 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oracle-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oracle-5.3 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-oracle-5.4 | <5.4.0-1106.115~18.04.1 | 5.4.0-1106.115~18.04.1 |
| ubuntu/linux-oracle-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-raspi | <5.4.0-1091.102 | 5.4.0-1091.102 |
| ubuntu/linux-raspi | <5.15.0-1011.13 | 5.15.0-1011.13 |
| ubuntu/linux-raspi | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-raspi-5.4 | <5.4.0-1091.102~18.04.1 | 5.4.0-1091.102~18.04.1 |
| ubuntu/linux-raspi-5.4 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-raspi2 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-raspi2-5.3 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-riscv | <5.15.0-1012.13 | 5.15.0-1012.13 |
| ubuntu/linux-riscv | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-riscv-5.11 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-riscv-5.15 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-riscv-5.8 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-riscv-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-snapdragon | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-starfive | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-starfive-6.5 | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| ubuntu/linux-xilinx-zynqmp | <5.4.0-1027.31 | 5.4.0-1027.31 |
| ubuntu/linux-xilinx-zynqmp | <5.18~<5.15.33 | 5.18~ 5.15.33 |
| debian/linux | 5.10.218-1 5.10.221-1 6.1.94-1 6.1.99-1 6.9.12-1 6.10.3-1 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2022-0168 https://nvd.nist.gov/vuln/detail/CVE-2022-0168
- https://bugzilla.redhat.com/show_bug.cgi?id=2037386
- https://access.redhat.com/errata/RHSA-2022:7444
- https://access.redhat.com/errata/RHSA-2022:7683
- https://access.redhat.com/errata/RHSA-2022:8267
- https://access.redhat.com/errata/RHSA-2022:7933
- https://access.redhat.com/security/cve/cve-2022-0168
- https://access.redhat.com/security/cve/CVE-2022-0168
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880
- https://launchpad.net/bugs/cve/CVE-2022-0168
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2067080
- https://git.kernel.org/linus/d6f5e358452479fa8a773b5c6ccc9e4ec5a20880
- https://access.redhat.com/errata/RHSA-2024:0724
- https://ubuntu.com/security/notices/USN-5469-1
- https://ubuntu.com/security/notices/USN-6284-1
- https://ubuntu.com/security/notices/USN-6301-1
- https://ubuntu.com/security/notices/USN-6312-1
- https://ubuntu.com/security/notices/USN-6314-1
- https://ubuntu.com/security/notices/USN-6331-1
- https://ubuntu.com/security/notices/USN-6337-1
- https://www.cve.org/CVERecord?id=CVE-2022-0168
- https://nvd.nist.gov/vuln/detail/CVE-2022-0168
- https://security-tracker.debian.org/tracker/CVE-2022-0168
- https://git.kernel.org/linus/ccd48ec3d4a6cc595b2d9c5146e63b6c23546701
- https://git.kernel.org/linus/0e90696dc2b33a2c390242c5b9f330a16ae2ac82
- https://git.kernel.org/linus/b92e358757b91c2827af112cae9af513f26a3f34
- https://git.kernel.org/linus/efac779b1c69670ed1e5ab84123ccc2c14e082f0
- https://ubuntu.com/security/CVE-2022-0168
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/remedy
- agent/weakness
- agent/severity
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-0168
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- collector/usn-cve
- source/Ubuntu
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/tags
- package-manager/redhat
- vendor/linux
- canonical/linux linux kernel
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- version/redhat enterprise linux/9.0
- package-manager/ubuntu
- package-manager/debian