CVE-2022-27239

Published: Apr 27, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.suse.com/show_bug.cgi?id=1197216

http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba

https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765

https://bugzilla.samba.org/show_bug.cgi?id=15025

https://github.com/piastry/cifs-utils/pull/7

FEDORA-2022-eb2d3ca94d

vendor-advisory

FEDORA-2022-7fda04ab5a

vendor-advisory

FEDORA-2022-34de4f833d

vendor-advisory

[debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update

mailing-list

DSA-5157

vendor-advisory

GLSA-202311-05

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-27239

Description

Affected Products

References