CVE-2022-0168 There was a DOS issue in the Linux kernel's smb2_ioctl_query_info function because of an incorrect return from the memdup_user function.

A user with the CAP_SYS_ADMIN privilege can trigger this flaw when performing a remote code execution exploit on a CIFSv2 server using the “net rpc creds” command against the target. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.

“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7407.”

CVE-2017-7405

A user with the CAP_SYS_ADMIN privilege can trigger this flaw when performing a remote code execution exploit on a CIFSv2 server using the “net rpc creds” command against the target. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.

“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7405.”

CVE-2017-7406

The “net rpc creds” command issued by the target of a remote code execution exploit can trigger this flaw on Linux when the target is configured to use a CIFSv2 server.

“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7406.”

CVE-2017-7408

The “net rpc creds” command can be abused to create a denial of service condition in the target CIFSv2 server. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.

“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7408.”

CVE-2018-5688

A user with the CAP_MAC_ADMIN privilege can trigger this flaw when performing a remote code execution exploit on a Mac OS client using the “net rpc creds” command against the target. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.

“In RHEL 7 and 6.7, a patch for the smb2_ioctl_query_info function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7407.”

CVE-2018-5688 is not currently assigned an identifier by MITRE because it was discovered after CVE-2022-0168 was assigned an identifier by MITRE

CVE-2018-10933

A user with the CAP_NET_BIND_SERVICE privilege can trigger this flaw when performing a remote code execution exploit on a BIND server using the “dig” command against the target. Red Hat has patched the issue in RHEL 7 and RHEL 6.7. Patches for other Linux distributions are available.

“In RHEL 7 and 6.7, a patch for the named-checkzone function has been applied. However, Red Hat recommends that all users of RHEL 6.7 upgrade to a supported Red Hat Enterprise Linux (RHEL) release. The issue has been assigned CVE ID CVE-2017-7408.”

Both CVEs have been assigned "mitigation by disabling DNS services" as a resolution method, so it is recommended that all users disable DNS services after applying patches

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe