In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
24 Nov 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:45
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
05 Oct 2022, 19:37
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* |
|
First Time |
Fedoraproject
Fedoraproject fedora |
|
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5157 - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/ - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/ - Mailing List, Third Party Advisory |
03 Jun 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
16 May 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 May 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 May 2022, 10:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
06 May 2022, 18:49
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba - Third Party Advisory | |
References | (MISC) https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 - Patch, Third Party Advisory | |
References | (MISC) https://bugzilla.samba.org/show_bug.cgi?id=15025 - Issue Tracking, Permissions Required, Vendor Advisory | |
References | (MISC) https://github.com/piastry/cifs-utils/pull/7 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://bugzilla.suse.com/show_bug.cgi?id=1197216 - Issue Tracking, Patch, Third Party Advisory | |
CWE | CWE-787 | |
First Time |
Suse linux Enterprise Desktop
Debian debian Linux Suse manager Proxy Hp Suse manager Server Suse manager Retail Branch Server Suse linux Enterprise Server Suse linux Enterprise Storage Suse caas Platform Suse openstack Cloud Crowbar Suse linux Enterprise High Performance Computing Suse linux Enterprise Real Time Suse Samba Debian Hp helion Openstack Suse linux Enterprise Software Development Kit Suse enterprise Storage Suse linux Enterprise Point Of Service Suse openstack Cloud Suse linux Enterprise Micro Samba cifs-utils |
|
CPE | cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:* cpe:2.3:a:suse:openstack_cloud:8.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:ltss:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:espos:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:* cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:* cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:*:*:* cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:* cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:* cpe:2.3:a:hp:helion_openstack:8.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:ltss:*:*:* cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:* cpe:2.3:a:suse:openstack_cloud_crowbar:8.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:*:*:* cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:-:*:*:ltss:*:*:* cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:* cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:espos:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:*:*:* cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:* cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:* cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:* cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:* cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:* cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:sap:*:* cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:* cpe:2.3:a:suse:linux_enterprise_point_of_service:11.0:sp3:*:*:*:*:*:* cpe:2.3:a:suse:linux_enterprise_storage:7.1:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:* cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:* cpe:2.3:a:samba:cifs-utils:*:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:business_critical_linux:-:*:* cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:* cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:* cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:* cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:business_critical_linux:-:*:* cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:* cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
27 Apr 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-27 14:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-27239
Mitre link : CVE-2022-27239
CVE.ORG link : CVE-2022-27239
JSON object : View
Products Affected
suse
- linux_enterprise_software_development_kit
- openstack_cloud_crowbar
- caas_platform
- manager_proxy
- linux_enterprise_storage
- linux_enterprise_high_performance_computing
- linux_enterprise_desktop
- linux_enterprise_point_of_service
- enterprise_storage
- linux_enterprise_micro
- openstack_cloud
- linux_enterprise_real_time
- linux_enterprise_server
- manager_retail_branch_server
- manager_server
hp
- helion_openstack
fedoraproject
- fedora
samba
- cifs-utils
debian
- debian_linux
CWE
CWE-787
Out-of-bounds Write