PT-2022-3778 · Oracle · Oracle Solaris

Published

2022-07-19

Updated

2022-07-23

CVE-2022-21533

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Oracle Solaris version 11

Description The issue is related to errors in resource release in the SMB Server component of Oracle Solaris. It can be exploited to cause a denial of service, allowing an attacker to crash or hang the system. The vulnerability can be exploited by a low-privileged attacker with logon access to the infrastructure where Oracle Solaris is running.

Recommendations For Oracle Solaris version 11, apply the necessary patches or updates to fix the resource release errors in the SMB Server component. As a temporary workaround, consider restricting access to the SMB Server to minimize the risk of exploitation.

Fix

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

BDU:2022-04570

CVE-2022-21533

Affected Products

Oracle Solaris

PT-2022-3778 · Oracle · Oracle Solaris

CVE-2022-21533

Weakness Enumeration

Related Identifiers

Affected Products

References · 5