Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-27239 (GCVE-0-2022-27239)
Vulnerability from cvelistv5 – Published: 2022-04-27 00:00 – Updated: 2024-08-03 05:25
VLAI?
EPSS
Summary
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:25:32.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1197216"
},
{
"tags": [
"x_transferred"
],
"url": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15025"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/piastry/cifs-utils/pull/7"
},
{
"name": "FEDORA-2022-eb2d3ca94d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/"
},
{
"name": "FEDORA-2022-7fda04ab5a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/"
},
{
"name": "FEDORA-2022-34de4f833d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/"
},
{
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html"
},
{
"name": "DSA-5157",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5157"
},
{
"name": "GLSA-202311-05",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-24T15:06:24.937Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1197216"
},
{
"url": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba"
},
{
"url": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765"
},
{
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15025"
},
{
"url": "https://github.com/piastry/cifs-utils/pull/7"
},
{
"name": "FEDORA-2022-eb2d3ca94d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/"
},
{
"name": "FEDORA-2022-7fda04ab5a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/"
},
{
"name": "FEDORA-2022-34de4f833d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/"
},
{
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html"
},
{
"name": "DSA-5157",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5157"
},
{
"name": "GLSA-202311-05",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-05"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-27239",
"datePublished": "2022-04-27T00:00:00.000Z",
"dateReserved": "2022-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T05:25:32.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:samba:cifs-utils:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.15\", \"matchCriteriaId\": \"A994C1D7-9394-43A0-976B-246980F5E77E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AB27A2D-549C-450E-A09E-B3316895F052\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B20D44D-F87E-4692-8E04-695683F1ECE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7305944-AC9C-47A3-AADF-71A8B24830D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:linux_enterprise_point_of_service:11.0:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"694479D9-16C8-4B60-A4D3-975D9E0A7F53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:linux_enterprise_storage:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B264EB20-49EA-4819-A92B-0748AEFFAC68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9910C73A-3BCD-4F56-8C7D-79CB289640A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0156BFA-9E83-43E6-9C73-9711AD054B5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAC2D0A4-56F8-4ED6-91E2-78434A016C5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"450A3B3F-F26D-4EAB-BF5D-4C906C4A99DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD5BDD59-5008-4DDC-B805-BB6B7DE8E1A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A69D3CCD-6590-46EF-9D3F-E903AB78E3BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5810E98-7BF5-42E2-9DE9-661049ABE367\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E46DEFD-659D-4D8F-BCD8-6B8A022F8FB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1532304-0EA2-4816-B481-C87C7386DC88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:openstack_cloud:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C3BEB21-4080-4258-B95C-562D717AED0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83F8A7D8-FD3E-4C36-AB2A-A61449BF38C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:openstack_cloud_crowbar:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1675CBE5-44D3-4326-AE8B-EEB9E25D783A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B631400C-0A5A-45A3-9DFA-B419E83D324E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACB76FF0-B939-42E9-842B-171E929F317D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"F648F64B-C3F2-4B14-906D-E48345303F0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:*\", \"matchCriteriaId\": \"F8C8AD43-557D-4285-BA46-9C5785F53229\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:-:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"6CFA8943-A151-4E16-962D-75F1CB0C3C41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:*\", \"matchCriteriaId\": \"89C89474-3F7A-499E-8E7C-25952584A68C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"CA2E84A0-A9ED-411B-9963-647D8A95D3D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:*\", \"matchCriteriaId\": \"455B5F70-FDA0-4AE3-9C62-F0BC8E6C3D85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"A0E17861-F7C2-479B-B687-42419ADED014\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:*\", \"matchCriteriaId\": \"75A0B727-33A9-416B-9E83-5103ABE856B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:*\", \"matchCriteriaId\": \"D0E679A3-3EAC-4603-BD89-E04EE26845B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:*\", \"matchCriteriaId\": \"EACDFD9B-C423-4FD1-B9AA-0D6D7D93CB36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:*\", \"matchCriteriaId\": \"825D86FE-87DA-4389-8097-D7CF34718CB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B0AC584-5E26-4ACE-BC19-9E69A302F238\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\", \"matchCriteriaId\": \"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"7B84C8D3-0B59-40DC-881D-D016A422E8CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:business_critical_linux:-:*:*\", \"matchCriteriaId\": \"93A9AC01-6C1F-4025-BD7C-E02C4E3D0CD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:sap:*:*\", \"matchCriteriaId\": \"16729D9C-DC05-41BD-9B32-682983190CE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:business_critical_linux:-:*:*\", \"matchCriteriaId\": \"EA9DC756-8E39-4AB6-B9D4-2A4100FF8D04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:espos:*:*:*\", \"matchCriteriaId\": \"77F1991E-E0D6-4BDE-BDF0-D34D6E67AAD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"C6622CD4-DF4B-4064-BAEB-5E382C4B05C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:*\", \"matchCriteriaId\": \"E279968E-C62B-4888-899A-2BF57E8F8692\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:*:*:*\", \"matchCriteriaId\": \"65709414-EAE0-4EA7-9C5F-EBDA80FF2A9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"7E05EE7E-993C-4107-9A15-EBE0D2268239\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:*\", \"matchCriteriaId\": \"471E110C-10CC-4C36-BDE1-BBB27EF5C6EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*\", \"matchCriteriaId\": \"C665A768-DBDA-4197-9159-A2791E98A84F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:espos:*:*:*\", \"matchCriteriaId\": \"88FFABAC-A728-4172-9A1E-2B84E82219D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"B1065E14-69B3-4643-ACF7-3C14BF07C783\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:*\", \"matchCriteriaId\": \"26FDBC27-D993-4A93-BC70-753FA21F4C11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"55A521F2-51C3-4356-A8D6-BD5A1BD60C85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:*\", \"matchCriteriaId\": \"A256B5D1-49D2-4363-AAD6-30FD32F0D132\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"6E1420DB-3DF2-4A95-B703-913D67727295\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C2EACE6-C127-4B13-8002-8EEBEE8D549B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"72FDB554-E771-42DA-8B9E-DB5CB545A660\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C734CEC-64F2-4129-B52E-C81884B3AC9A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:helion_openstack:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"541BB602-443D-4D8E-A46F-5EC4A9702E17\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A930E247-0B43-43CB-98FF-6CE7B8189835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.\"}, {\"lang\": \"es\", \"value\": \"En cifs-utils versiones hasta 6.14, un desbordamiento del b\\u00fafer en la regi\\u00f3n stack de la memoria cuando es analizado el argumento de l\\u00ednea de comandos mount.cifs ip= podr\\u00eda conllevar a que atacantes locales obtuvieran privilegios de root\"}]",
"id": "CVE-2022-27239",
"lastModified": "2024-11-21T06:55:28.487",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2022-04-27T14:15:09.203",
"references": "[{\"url\": \"http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.samba.org/show_bug.cgi?id=15025\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1197216\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/piastry/cifs-utils/pull/7\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.gentoo.org/glsa/202311-05\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.debian.org/security/2022/dsa-5157\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.samba.org/show_bug.cgi?id=15025\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1197216\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/piastry/cifs-utils/pull/7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/202311-05\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.debian.org/security/2022/dsa-5157\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-27239\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-04-27T14:15:09.203\",\"lastModified\":\"2024-11-21T06:55:28.487\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.\"},{\"lang\":\"es\",\"value\":\"En cifs-utils versiones hasta 6.14, un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria cuando es analizado el argumento de l\u00ednea de comandos mount.cifs ip= podr\u00eda conllevar a que atacantes locales obtuvieran privilegios de root\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:samba:cifs-utils:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.15\",\"matchCriteriaId\":\"A994C1D7-9394-43A0-976B-246980F5E77E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AB27A2D-549C-450E-A09E-B3316895F052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B20D44D-F87E-4692-8E04-695683F1ECE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7305944-AC9C-47A3-AADF-71A8B24830D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:linux_enterprise_point_of_service:11.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"694479D9-16C8-4B60-A4D3-975D9E0A7F53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:linux_enterprise_storage:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B264EB20-49EA-4819-A92B-0748AEFFAC68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9910C73A-3BCD-4F56-8C7D-79CB289640A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0156BFA-9E83-43E6-9C73-9711AD054B5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAC2D0A4-56F8-4ED6-91E2-78434A016C5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"450A3B3F-F26D-4EAB-BF5D-4C906C4A99DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD5BDD59-5008-4DDC-B805-BB6B7DE8E1A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69D3CCD-6590-46EF-9D3F-E903AB78E3BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5810E98-7BF5-42E2-9DE9-661049ABE367\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E46DEFD-659D-4D8F-BCD8-6B8A022F8FB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1532304-0EA2-4816-B481-C87C7386DC88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:openstack_cloud:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3BEB21-4080-4258-B95C-562D717AED0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83F8A7D8-FD3E-4C36-AB2A-A61449BF38C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:openstack_cloud_crowbar:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1675CBE5-44D3-4326-AE8B-EEB9E25D783A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B631400C-0A5A-45A3-9DFA-B419E83D324E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACB76FF0-B939-42E9-842B-171E929F317D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F648F64B-C3F2-4B14-906D-E48345303F0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:*\",\"matchCriteriaId\":\"F8C8AD43-557D-4285-BA46-9C5785F53229\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:-:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"6CFA8943-A151-4E16-962D-75F1CB0C3C41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:*\",\"matchCriteriaId\":\"89C89474-3F7A-499E-8E7C-25952584A68C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"CA2E84A0-A9ED-411B-9963-647D8A95D3D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:*\",\"matchCriteriaId\":\"455B5F70-FDA0-4AE3-9C62-F0BC8E6C3D85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"A0E17861-F7C2-479B-B687-42419ADED014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:*\",\"matchCriteriaId\":\"75A0B727-33A9-416B-9E83-5103ABE856B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:*\",\"matchCriteriaId\":\"D0E679A3-3EAC-4603-BD89-E04EE26845B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:*\",\"matchCriteriaId\":\"EACDFD9B-C423-4FD1-B9AA-0D6D7D93CB36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:*\",\"matchCriteriaId\":\"825D86FE-87DA-4389-8097-D7CF34718CB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0AC584-5E26-4ACE-BC19-9E69A302F238\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"E534C201-BCC5-473C-AAA7-AAB97CEB5437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"7B84C8D3-0B59-40DC-881D-D016A422E8CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:business_critical_linux:-:*:*\",\"matchCriteriaId\":\"93A9AC01-6C1F-4025-BD7C-E02C4E3D0CD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:sap:*:*\",\"matchCriteriaId\":\"16729D9C-DC05-41BD-9B32-682983190CE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:business_critical_linux:-:*:*\",\"matchCriteriaId\":\"EA9DC756-8E39-4AB6-B9D4-2A4100FF8D04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:espos:*:*:*\",\"matchCriteriaId\":\"77F1991E-E0D6-4BDE-BDF0-D34D6E67AAD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"C6622CD4-DF4B-4064-BAEB-5E382C4B05C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:*\",\"matchCriteriaId\":\"E279968E-C62B-4888-899A-2BF57E8F8692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:*:*:*\",\"matchCriteriaId\":\"65709414-EAE0-4EA7-9C5F-EBDA80FF2A9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"7E05EE7E-993C-4107-9A15-EBE0D2268239\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:*\",\"matchCriteriaId\":\"471E110C-10CC-4C36-BDE1-BBB27EF5C6EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*\",\"matchCriteriaId\":\"C665A768-DBDA-4197-9159-A2791E98A84F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:espos:*:*:*\",\"matchCriteriaId\":\"88FFABAC-A728-4172-9A1E-2B84E82219D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"B1065E14-69B3-4643-ACF7-3C14BF07C783\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:*\",\"matchCriteriaId\":\"26FDBC27-D993-4A93-BC70-753FA21F4C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"55A521F2-51C3-4356-A8D6-BD5A1BD60C85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:*\",\"matchCriteriaId\":\"A256B5D1-49D2-4363-AAD6-30FD32F0D132\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"6E1420DB-3DF2-4A95-B703-913D67727295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C2EACE6-C127-4B13-8002-8EEBEE8D549B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"72FDB554-E771-42DA-8B9E-DB5CB545A660\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C734CEC-64F2-4129-B52E-C81884B3AC9A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:helion_openstack:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"541BB602-443D-4D8E-A46F-5EC4A9702E17\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}],\"references\":[{\"url\":\"http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.samba.org/show_bug.cgi?id=15025\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1197216\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/piastry/cifs-utils/pull/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202311-05\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.debian.org/security/2022/dsa-5157\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.samba.org/show_bug.cgi?id=15025\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1197216\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/piastry/cifs-utils/pull/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202311-05\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2022/dsa-5157\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
BDU:2022-04338
Vulnerability from fstec - Published: 27.04.2022
VLAI Severity ?
Title
Уязвимость компонента mount.cifs.c пакета утилит для монтирования сетевых файловых систем CIFS cifs-utils операционной системы Linux, позволяющая нарушителю повысить свои привилегии
Description
Уязвимость компонента mount.cifs.c пакета утилит для монтирования сетевых файловых систем CIFS cifs-utils операционной системы Linux связана с записью за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии
Severity ?
Vendor
Canonical Ltd., Red Hat Inc., Novell Inc., Сообщество свободного программного обеспечения, Fedora Project, ООО «Ред Софт», АО «ИВК», Samba Team, ООО «РусБИТех-Астра», АО "НППКТ"
Software Name
Ubuntu, Red Hat Enterprise Linux, Suse Linux Enterprise Server, SUSE Linux Enterprise Server for SAP Applications, Debian GNU/Linux, SUSE Linux Enterprise High Performance Computing, Fedora, SUSE Linux Enterprise Module for Basesystem, РЕД ОС (запись в едином реестре российских программ №3751), Альт 8 СП (запись в едином реестре российских программ №4305), SUSE Linux Enterprise Micro, SUSE Manager Retail Branch Server, SUSE Manager Server, cifs-utils, SUSE Linux Enterprise Server Business Critical Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), Suse Linux Enterprise Desktop, OpenSUSE Leap, SUSE Linux Enterprise Server LTSS Extended Security, SUSE Manager Proxy
Software Version
14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 8 (Red Hat Enterprise Linux), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), 10 (Debian GNU/Linux), 12 SP5 (SUSE Linux Enterprise High Performance Computing), 20.04 LTS (Ubuntu), 15-ESPOS (Suse Linux Enterprise Server), 34 (Fedora), 15 SP3 (SUSE Linux Enterprise Module for Basesystem), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 35 (Fedora), 21.10 (Ubuntu), 7.3 (РЕД ОС), 15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), - (Альт 8 СП), 36 (Fedora), 15 SP4 (Suse Linux Enterprise Server), 5.2 (SUSE Linux Enterprise Micro), 22.04 LTS (Ubuntu), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Server), 15 SP4 (SUSE Linux Enterprise High Performance Computing), 15 SP4 (SUSE Linux Enterprise Module for Basesystem), до 6.14 включительно (cifs-utils), 15 SP1 (SUSE Linux Enterprise Server Business Critical Linux), 15 SP2 (SUSE Linux Enterprise Server Business Critical Linux), 4.7 (Astra Linux Special Edition), до 2.5.1 (ОСОН ОСнова Оnyx), 5.3 (SUSE Linux Enterprise Micro), 15 SP3-LTSS (Suse Linux Enterprise Server), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP5 (SUSE Linux Enterprise Module for Basesystem), 5.4 (SUSE Linux Enterprise Micro), 5.5 (SUSE Linux Enterprise Micro), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), 15 SP6 (Suse Linux Enterprise Desktop), 15 SP6 (Suse Linux Enterprise Server), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 15 SP6 (SUSE Linux Enterprise High Performance Computing), 15 SP6 (SUSE Linux Enterprise Module for Basesystem), 15.6 (OpenSUSE Leap), 12 SP5-LTSS (Suse Linux Enterprise Server), 15 SP5-LTSS (Suse Linux Enterprise Server), 15 SP5-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP5-ESPOS (SUSE Linux Enterprise High Performance Computing), 12 SP5 (SUSE Linux Enterprise Server LTSS Extended Security), 15 SP7 (Suse Linux Enterprise Desktop), 15 SP7 (SUSE Linux Enterprise High Performance Computing), 15 SP7 (Suse Linux Enterprise Server), 15 SP7 (SUSE Linux Enterprise Server for SAP Applications), 15 SP7 (SUSE Linux Enterprise Module for Basesystem), LTS 4.3 (SUSE Manager Proxy), LTS 4.3 (SUSE Manager Retail Branch Server), LTS 4.3 (SUSE Manager Server), 13 (Debian GNU/Linux)
Possible Mitigations
В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года.
Использование рекомендаций:
Для cifs-utils:
https://github.com/piastry/cifs-utils/pull/7
https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765
Для Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2022-29869
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2022-27239.html
Для Ubuntu:
https://ubuntu.com/security/notices/USN-5459-1
Для Fedora:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/
Для ОС Astra Linux:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47
Для Альт 8 СП :
https://altsp.su/obnovleniya-bezopasnosti/
Для ОСОН Основа:
Обновление программного обеспечения cifs-utils до версии 2:6.11-3.1+deb11u1
Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/cve-2022-27239
Reference
https://altsp.su/obnovleniya-bezopasnosti/
https://github.com/piastry/cifs-utils/pull/7
https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765
https://security-tracker.debian.org/tracker/CVE-2022-29869
https://www.suse.com/security/cve/CVE-2022-27239.html
https://ubuntu.com/security/notices/USN-5459-1
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.5.1/
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
https://access.redhat.com/security/cve/cve-2022-27239
CWE
CWE-787
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., Red Hat Inc., Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Fedora Project, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, Samba Team, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 8 (Red Hat Enterprise Linux), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Server for SAP Applications), 10 (Debian GNU/Linux), 12 SP5 (SUSE Linux Enterprise High Performance Computing), 20.04 LTS (Ubuntu), 15-ESPOS (Suse Linux Enterprise Server), 34 (Fedora), 15 SP3 (SUSE Linux Enterprise Module for Basesystem), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 35 (Fedora), 21.10 (Ubuntu), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), 36 (Fedora), 15 SP4 (Suse Linux Enterprise Server), 5.2 (SUSE Linux Enterprise Micro), 22.04 LTS (Ubuntu), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Server), 15 SP4 (SUSE Linux Enterprise High Performance Computing), 15 SP4 (SUSE Linux Enterprise Module for Basesystem), \u0434\u043e 6.14 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (cifs-utils), 15 SP1 (SUSE Linux Enterprise Server Business Critical Linux), 15 SP2 (SUSE Linux Enterprise Server Business Critical Linux), 4.7 (Astra Linux Special Edition), \u0434\u043e 2.5.1 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), 5.3 (SUSE Linux Enterprise Micro), 15 SP3-LTSS (Suse Linux Enterprise Server), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP5 (SUSE Linux Enterprise Module for Basesystem), 5.4 (SUSE Linux Enterprise Micro), 5.5 (SUSE Linux Enterprise Micro), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), 15 SP6 (Suse Linux Enterprise Desktop), 15 SP6 (Suse Linux Enterprise Server), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 15 SP6 (SUSE Linux Enterprise High Performance Computing), 15 SP6 (SUSE Linux Enterprise Module for Basesystem), 15.6 (OpenSUSE Leap), 12 SP5-LTSS (Suse Linux Enterprise Server), 15 SP5-LTSS (Suse Linux Enterprise Server), 15 SP5-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP5-ESPOS (SUSE Linux Enterprise High Performance Computing), 12 SP5 (SUSE Linux Enterprise Server LTSS Extended Security), 15 SP7 (Suse Linux Enterprise Desktop), 15 SP7 (SUSE Linux Enterprise High Performance Computing), 15 SP7 (Suse Linux Enterprise Server), 15 SP7 (SUSE Linux Enterprise Server for SAP Applications), 15 SP7 (SUSE Linux Enterprise Module for Basesystem), LTS 4.3 (SUSE Manager Proxy), LTS 4.3 (SUSE Manager Retail Branch Server), LTS 4.3 (SUSE Manager Server), 13 (Debian GNU/Linux)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f cifs-utils:\nhttps://github.com/piastry/cifs-utils/pull/7\nhttps://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2022-29869\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2022-27239.html\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/notices/USN-5459-1\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47\n\n\u0414\u043b\u044f \u0410\u043b\u044c\u0442 8 \u0421\u041f :\nhttps://altsp.su/obnovleniya-bezopasnosti/\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f cifs-utils \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2:6.11-3.1+deb11u1\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421:\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2022-27239",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.04.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "10.09.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "13.07.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-04338",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-27239",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Red Hat Enterprise Linux, Suse Linux Enterprise Server, SUSE Linux Enterprise Server for SAP Applications, Debian GNU/Linux, SUSE Linux Enterprise High Performance Computing, Fedora, SUSE Linux Enterprise Module for Basesystem, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), SUSE Linux Enterprise Micro, SUSE Manager Retail Branch Server, SUSE Manager Server, cifs-utils, SUSE Linux Enterprise Server Business Critical Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), Suse Linux Enterprise Desktop, OpenSUSE Leap, SUSE Linux Enterprise Server LTSS Extended Security, SUSE Manager Proxy",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 14.04 LTS , Canonical Ltd. Ubuntu 16.04 LTS , Canonical Ltd. Ubuntu 18.04 LTS , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. Suse Linux Enterprise Server 12 SP5 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP5 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Canonical Ltd. Ubuntu 20.04 LTS , Novell Inc. Suse Linux Enterprise Server 15-ESPOS , Fedora Project Fedora 34 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , Fedora Project Fedora 35 , Canonical Ltd. Ubuntu 21.10 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Novell Inc. Suse Linux Enterprise Server 15 SP3 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), Fedora Project Fedora 36 , Novell Inc. Suse Linux Enterprise Server 15 SP4 , Canonical Ltd. Ubuntu 22.04 LTS , Novell Inc. SUSE Linux Enterprise Server Business Critical Linux 15 SP1 , Novell Inc. SUSE Linux Enterprise Server Business Critical Linux 15 SP2 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.5.1 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), Novell Inc. Suse Linux Enterprise Server 15 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP4-LTSS , Novell Inc. Suse Linux Enterprise Desktop 15 SP6 , Novell Inc. Suse Linux Enterprise Server 15 SP6 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP6 , Novell Inc. OpenSUSE Leap 15.6 , Novell Inc. Suse Linux Enterprise Server 12 SP5-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP5-LTSS , Novell Inc. Suse Linux Enterprise Desktop 15 SP7 , Novell Inc. Suse Linux Enterprise Server 15 SP7 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP7 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 13 ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 mount.cifs.c \u043f\u0430\u043a\u0435\u0442\u0430 \u0443\u0442\u0438\u043b\u0438\u0442 \u0434\u043b\u044f \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c CIFS cifs-utils \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 mount.cifs.c \u043f\u0430\u043a\u0435\u0442\u0430 \u0443\u0442\u0438\u043b\u0438\u0442 \u0434\u043b\u044f \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c CIFS cifs-utils \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://altsp.su/obnovleniya-bezopasnosti/\nhttps://github.com/piastry/cifs-utils/pull/7\nhttps://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765\nhttps://security-tracker.debian.org/tracker/CVE-2022-29869\nhttps://www.suse.com/security/cve/CVE-2022-27239.html\nhttps://ubuntu.com/security/notices/USN-5459-1\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.5.1/\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://access.redhat.com/security/cve/cve-2022-27239",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}
SUSE-SU-2022:14951-1
Vulnerability from csaf_suse - Published: 2022-04-27 07:59 - Updated: 2022-04-27 07:59Summary
Security update for cifs-utils
Severity
Important
Notes
Title of the patch: Security update for cifs-utils
Description of the patch: This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
Patchnames: slessp4-cifs-utils-14951
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cifs-utils",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cifs-utils fixes the following issues:\n\n- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-cifs-utils-14951",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_14951-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:14951-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-202214951-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:14951-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010847.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197216",
"url": "https://bugzilla.suse.com/1197216"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27239/"
}
],
"title": "Security update for cifs-utils",
"tracking": {
"current_release_date": "2022-04-27T07:59:50Z",
"generator": {
"date": "2022-04-27T07:59:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:14951-1",
"initial_release_date": "2022-04-27T07:59:50Z",
"revision_history": [
{
"date": "2022-04-27T07:59:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-5.1-0.16.3.1.i586",
"product": {
"name": "cifs-utils-5.1-0.16.3.1.i586",
"product_id": "cifs-utils-5.1-0.16.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-5.1-0.16.3.1.ppc64",
"product": {
"name": "cifs-utils-5.1-0.16.3.1.ppc64",
"product_id": "cifs-utils-5.1-0.16.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-5.1-0.16.3.1.s390x",
"product": {
"name": "cifs-utils-5.1-0.16.3.1.s390x",
"product_id": "cifs-utils-5.1-0.16.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-5.1-0.16.3.1.x86_64",
"product": {
"name": "cifs-utils-5.1-0.16.3.1.x86_64",
"product_id": "cifs-utils-5.1-0.16.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-5.1-0.16.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.i586"
},
"product_reference": "cifs-utils-5.1-0.16.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-5.1-0.16.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.ppc64"
},
"product_reference": "cifs-utils-5.1-0.16.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-5.1-0.16.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.s390x"
},
"product_reference": "cifs-utils-5.1-0.16.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-5.1-0.16.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.x86_64"
},
"product_reference": "cifs-utils-5.1-0.16.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27239"
}
],
"notes": [
{
"category": "general",
"text": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27239",
"url": "https://www.suse.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "SUSE Bug 1197216 for CVE-2022-27239",
"url": "https://bugzilla.suse.com/1197216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:cifs-utils-5.1-0.16.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-27T07:59:50Z",
"details": "moderate"
}
],
"title": "CVE-2022-27239"
}
]
}
SUSE-SU-2022:1430-1
Vulnerability from csaf_suse - Published: 2022-04-27 08:01 - Updated: 2022-04-27 08:01Summary
Security update for cifs-utils
Severity
Important
Notes
Title of the patch: Security update for cifs-utils
Description of the patch: This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
Patchnames: SUSE-2022-1430,SUSE-SLE-Module-Basesystem-15-SP3-2022-1430,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1430,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1430,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1430,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1430,SUSE-SLE-Product-RT-15-SP2-2022-1430,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1430,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1430,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1430,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1430,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1430,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1430,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1430,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1430,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1430,SUSE-SUSE-MicroOS-5.2-2022-1430,SUSE-Storage-6-2022-1430,SUSE-Storage-7-2022-1430,openSUSE-SLE-15.3-2022-1430
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cifs-utils",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cifs-utils fixes the following issues:\n\n- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1430,SUSE-SLE-Module-Basesystem-15-SP3-2022-1430,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1430,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1430,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1430,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1430,SUSE-SLE-Product-RT-15-SP2-2022-1430,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1430,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1430,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1430,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1430,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1430,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1430,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1430,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1430,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1430,SUSE-SUSE-MicroOS-5.2-2022-1430,SUSE-Storage-6-2022-1430,SUSE-Storage-7-2022-1430,openSUSE-SLE-15.3-2022-1430",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1430-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1430-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221430-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1430-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010845.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197216",
"url": "https://bugzilla.suse.com/1197216"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27239/"
}
],
"title": "Security update for cifs-utils",
"tracking": {
"current_release_date": "2022-04-27T08:01:56Z",
"generator": {
"date": "2022-04-27T08:01:56Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1430-1",
"initial_release_date": "2022-04-27T08:01:56Z",
"revision_history": [
{
"date": "2022-04-27T08:01:56Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150100.5.15.1.aarch64",
"product": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64",
"product_id": "cifs-utils-6.9-150100.5.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"product": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"product_id": "cifs-utils-devel-6.9-150100.5.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150100.5.15.1.aarch64",
"product": {
"name": "pam_cifscreds-6.9-150100.5.15.1.aarch64",
"product_id": "pam_cifscreds-6.9-150100.5.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150100.5.15.1.i586",
"product": {
"name": "cifs-utils-6.9-150100.5.15.1.i586",
"product_id": "cifs-utils-6.9-150100.5.15.1.i586"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150100.5.15.1.i586",
"product": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.i586",
"product_id": "cifs-utils-devel-6.9-150100.5.15.1.i586"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150100.5.15.1.i586",
"product": {
"name": "pam_cifscreds-6.9-150100.5.15.1.i586",
"product_id": "pam_cifscreds-6.9-150100.5.15.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"product": {
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"product_id": "cifs-utils-6.9-150100.5.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"product": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"product_id": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150100.5.15.1.ppc64le",
"product": {
"name": "pam_cifscreds-6.9-150100.5.15.1.ppc64le",
"product_id": "pam_cifscreds-6.9-150100.5.15.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150100.5.15.1.s390x",
"product": {
"name": "cifs-utils-6.9-150100.5.15.1.s390x",
"product_id": "cifs-utils-6.9-150100.5.15.1.s390x"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150100.5.15.1.s390x",
"product": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.s390x",
"product_id": "cifs-utils-devel-6.9-150100.5.15.1.s390x"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150100.5.15.1.s390x",
"product": {
"name": "pam_cifscreds-6.9-150100.5.15.1.s390x",
"product_id": "pam_cifscreds-6.9-150100.5.15.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150100.5.15.1.x86_64",
"product": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64",
"product_id": "cifs-utils-6.9-150100.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"product": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"product_id": "cifs-utils-devel-6.9-150100.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150100.5.15.1.x86_64",
"product": {
"name": "pam_cifscreds-6.9-150100.5.15.1.x86_64",
"product_id": "pam_cifscreds-6.9-150100.5.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_rt:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-devel-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150100.5.15.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.s390x"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150100.5.15.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.9-150100.5.15.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.aarch64"
},
"product_reference": "pam_cifscreds-6.9-150100.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.9-150100.5.15.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.ppc64le"
},
"product_reference": "pam_cifscreds-6.9-150100.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.9-150100.5.15.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.s390x"
},
"product_reference": "pam_cifscreds-6.9-150100.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.9-150100.5.15.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.x86_64"
},
"product_reference": "pam_cifscreds-6.9-150100.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27239"
}
],
"notes": [
{
"category": "general",
"text": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 6:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 6:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 6:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 7:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 7:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 7:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 7:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Proxy 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Proxy 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27239",
"url": "https://www.suse.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "SUSE Bug 1197216 for CVE-2022-27239",
"url": "https://bugzilla.suse.com/1197216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 6:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 6:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 6:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 7:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 7:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 7:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 7:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Proxy 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Proxy 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 6:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 6:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 6:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 7:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 7:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Enterprise Storage 7:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Enterprise Storage 7:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Micro 5.2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-BCL:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Proxy 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Proxy 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.ppc64le",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.s390x",
"SUSE Manager Server 4.1:cifs-utils-6.9-150100.5.15.1.x86_64",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"SUSE Manager Server 4.1:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:cifs-utils-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:cifs-utils-devel-6.9-150100.5.15.1.x86_64",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.aarch64",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.ppc64le",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.s390x",
"openSUSE Leap 15.3:pam_cifscreds-6.9-150100.5.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-27T08:01:56Z",
"details": "moderate"
}
],
"title": "CVE-2022-27239"
}
]
}
SUSE-SU-2022:1428-1
Vulnerability from csaf_suse - Published: 2022-04-27 08:00 - Updated: 2022-04-27 08:00Summary
Security update for cifs-utils
Severity
Important
Notes
Title of the patch: Security update for cifs-utils
Description of the patch: This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
Patchnames: HPE-Helion-OpenStack-8-2022-1428,SUSE-2022-1428,SUSE-OpenStack-Cloud-8-2022-1428,SUSE-OpenStack-Cloud-Crowbar-8-2022-1428,SUSE-SLE-SAP-12-SP3-2022-1428,SUSE-SLE-SERVER-12-SP2-BCL-2022-1428,SUSE-SLE-SERVER-12-SP3-2022-1428,SUSE-SLE-SERVER-12-SP3-BCL-2022-1428
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cifs-utils",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cifs-utils fixes the following issues:\n\n- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2022-1428,SUSE-2022-1428,SUSE-OpenStack-Cloud-8-2022-1428,SUSE-OpenStack-Cloud-Crowbar-8-2022-1428,SUSE-SLE-SAP-12-SP3-2022-1428,SUSE-SLE-SERVER-12-SP2-BCL-2022-1428,SUSE-SLE-SERVER-12-SP3-2022-1428,SUSE-SLE-SERVER-12-SP3-BCL-2022-1428",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1428-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1428-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221428-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1428-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010844.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197216",
"url": "https://bugzilla.suse.com/1197216"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27239/"
}
],
"title": "Security update for cifs-utils",
"tracking": {
"current_release_date": "2022-04-27T08:00:07Z",
"generator": {
"date": "2022-04-27T08:00:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1428-1",
"initial_release_date": "2022-04-27T08:00:07Z",
"revision_history": [
{
"date": "2022-04-27T08:00:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-9.18.1.aarch64",
"product": {
"name": "cifs-utils-6.9-9.18.1.aarch64",
"product_id": "cifs-utils-6.9-9.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-9.18.1.aarch64",
"product": {
"name": "cifs-utils-devel-6.9-9.18.1.aarch64",
"product_id": "cifs-utils-devel-6.9-9.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-9.18.1.aarch64",
"product": {
"name": "pam_cifscreds-6.9-9.18.1.aarch64",
"product_id": "pam_cifscreds-6.9-9.18.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-9.18.1.i586",
"product": {
"name": "cifs-utils-6.9-9.18.1.i586",
"product_id": "cifs-utils-6.9-9.18.1.i586"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-9.18.1.i586",
"product": {
"name": "cifs-utils-devel-6.9-9.18.1.i586",
"product_id": "cifs-utils-devel-6.9-9.18.1.i586"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-9.18.1.i586",
"product": {
"name": "pam_cifscreds-6.9-9.18.1.i586",
"product_id": "pam_cifscreds-6.9-9.18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-9.18.1.ppc64le",
"product": {
"name": "cifs-utils-6.9-9.18.1.ppc64le",
"product_id": "cifs-utils-6.9-9.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-9.18.1.ppc64le",
"product": {
"name": "cifs-utils-devel-6.9-9.18.1.ppc64le",
"product_id": "cifs-utils-devel-6.9-9.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-9.18.1.ppc64le",
"product": {
"name": "pam_cifscreds-6.9-9.18.1.ppc64le",
"product_id": "pam_cifscreds-6.9-9.18.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-9.18.1.s390",
"product": {
"name": "cifs-utils-6.9-9.18.1.s390",
"product_id": "cifs-utils-6.9-9.18.1.s390"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-9.18.1.s390",
"product": {
"name": "cifs-utils-devel-6.9-9.18.1.s390",
"product_id": "cifs-utils-devel-6.9-9.18.1.s390"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-9.18.1.s390",
"product": {
"name": "pam_cifscreds-6.9-9.18.1.s390",
"product_id": "pam_cifscreds-6.9-9.18.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-9.18.1.s390x",
"product": {
"name": "cifs-utils-6.9-9.18.1.s390x",
"product_id": "cifs-utils-6.9-9.18.1.s390x"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-9.18.1.s390x",
"product": {
"name": "cifs-utils-devel-6.9-9.18.1.s390x",
"product_id": "cifs-utils-devel-6.9-9.18.1.s390x"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-9.18.1.s390x",
"product": {
"name": "pam_cifscreds-6.9-9.18.1.s390x",
"product_id": "pam_cifscreds-6.9-9.18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-9.18.1.x86_64",
"product": {
"name": "cifs-utils-6.9-9.18.1.x86_64",
"product_id": "cifs-utils-6.9-9.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-9.18.1.x86_64",
"product": {
"name": "cifs-utils-devel-6.9-9.18.1.x86_64",
"product_id": "cifs-utils-devel-6.9-9.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-9.18.1.x86_64",
"product": {
"name": "pam_cifscreds-6.9-9.18.1.x86_64",
"product_id": "pam_cifscreds-6.9-9.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:cifs-utils-6.9-9.18.1.x86_64"
},
"product_reference": "cifs-utils-6.9-9.18.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:cifs-utils-6.9-9.18.1.x86_64"
},
"product_reference": "cifs-utils-6.9-9.18.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:cifs-utils-6.9-9.18.1.x86_64"
},
"product_reference": "cifs-utils-6.9-9.18.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cifs-utils-6.9-9.18.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-9.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:cifs-utils-6.9-9.18.1.x86_64"
},
"product_reference": "cifs-utils-6.9-9.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:cifs-utils-6.9-9.18.1.x86_64"
},
"product_reference": "cifs-utils-6.9-9.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.aarch64"
},
"product_reference": "cifs-utils-6.9-9.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-9.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.s390x"
},
"product_reference": "cifs-utils-6.9-9.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.x86_64"
},
"product_reference": "cifs-utils-6.9-9.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-9.18.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:cifs-utils-6.9-9.18.1.x86_64"
},
"product_reference": "cifs-utils-6.9-9.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27239"
}
],
"notes": [
{
"category": "general",
"text": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cifs-utils-6.9-9.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cifs-utils-6.9-9.18.1.x86_64",
"SUSE OpenStack Cloud 8:cifs-utils-6.9-9.18.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:cifs-utils-6.9-9.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27239",
"url": "https://www.suse.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "SUSE Bug 1197216 for CVE-2022-27239",
"url": "https://bugzilla.suse.com/1197216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cifs-utils-6.9-9.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cifs-utils-6.9-9.18.1.x86_64",
"SUSE OpenStack Cloud 8:cifs-utils-6.9-9.18.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:cifs-utils-6.9-9.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:cifs-utils-6.9-9.18.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cifs-utils-6.9-9.18.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:cifs-utils-6.9-9.18.1.x86_64",
"SUSE OpenStack Cloud 8:cifs-utils-6.9-9.18.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:cifs-utils-6.9-9.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-27T08:00:07Z",
"details": "moderate"
}
],
"title": "CVE-2022-27239"
}
]
}
SUSE-SU-2022:1427-1
Vulnerability from csaf_suse - Published: 2022-04-27 08:00 - Updated: 2022-04-27 08:00Summary
Security update for cifs-utils
Severity
Important
Notes
Title of the patch: Security update for cifs-utils
Description of the patch: This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
Patchnames: SUSE-2022-1427,SUSE-SLE-Product-HPC-15-2022-1427,SUSE-SLE-Product-SLES-15-2022-1427,SUSE-SLE-Product-SLES_SAP-15-2022-1427
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cifs-utils",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cifs-utils fixes the following issues:\n\n- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1427,SUSE-SLE-Product-HPC-15-2022-1427,SUSE-SLE-Product-SLES-15-2022-1427,SUSE-SLE-Product-SLES_SAP-15-2022-1427",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1427-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1427-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221427-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1427-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010846.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197216",
"url": "https://bugzilla.suse.com/1197216"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27239/"
}
],
"title": "Security update for cifs-utils",
"tracking": {
"current_release_date": "2022-04-27T08:00:00Z",
"generator": {
"date": "2022-04-27T08:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1427-1",
"initial_release_date": "2022-04-27T08:00:00Z",
"revision_history": [
{
"date": "2022-04-27T08:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150000.3.17.1.aarch64",
"product": {
"name": "cifs-utils-6.9-150000.3.17.1.aarch64",
"product_id": "cifs-utils-6.9-150000.3.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"product": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"product_id": "cifs-utils-devel-6.9-150000.3.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150000.3.17.1.aarch64",
"product": {
"name": "pam_cifscreds-6.9-150000.3.17.1.aarch64",
"product_id": "pam_cifscreds-6.9-150000.3.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150000.3.17.1.i586",
"product": {
"name": "cifs-utils-6.9-150000.3.17.1.i586",
"product_id": "cifs-utils-6.9-150000.3.17.1.i586"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150000.3.17.1.i586",
"product": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.i586",
"product_id": "cifs-utils-devel-6.9-150000.3.17.1.i586"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150000.3.17.1.i586",
"product": {
"name": "pam_cifscreds-6.9-150000.3.17.1.i586",
"product_id": "pam_cifscreds-6.9-150000.3.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150000.3.17.1.ppc64le",
"product": {
"name": "cifs-utils-6.9-150000.3.17.1.ppc64le",
"product_id": "cifs-utils-6.9-150000.3.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"product": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"product_id": "cifs-utils-devel-6.9-150000.3.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150000.3.17.1.ppc64le",
"product": {
"name": "pam_cifscreds-6.9-150000.3.17.1.ppc64le",
"product_id": "pam_cifscreds-6.9-150000.3.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150000.3.17.1.s390x",
"product": {
"name": "cifs-utils-6.9-150000.3.17.1.s390x",
"product_id": "cifs-utils-6.9-150000.3.17.1.s390x"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150000.3.17.1.s390x",
"product": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.s390x",
"product_id": "cifs-utils-devel-6.9-150000.3.17.1.s390x"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150000.3.17.1.s390x",
"product": {
"name": "pam_cifscreds-6.9-150000.3.17.1.s390x",
"product_id": "pam_cifscreds-6.9-150000.3.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-150000.3.17.1.x86_64",
"product": {
"name": "cifs-utils-6.9-150000.3.17.1.x86_64",
"product_id": "cifs-utils-6.9-150000.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"product": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"product_id": "cifs-utils-devel-6.9-150000.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-150000.3.17.1.x86_64",
"product": {
"name": "pam_cifscreds-6.9-150000.3.17.1.x86_64",
"product_id": "pam_cifscreds-6.9-150000.3.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-6.9-150000.3.17.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-6.9-150000.3.17.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-devel-6.9-150000.3.17.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-devel-6.9-150000.3.17.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-6.9-150000.3.17.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-6.9-150000.3.17.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.aarch64"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.s390x"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.s390x"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-6.9-150000.3.17.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-150000.3.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-6.9-150000.3.17.1.x86_64"
},
"product_reference": "cifs-utils-6.9-150000.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-devel-6.9-150000.3.17.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-150000.3.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-devel-6.9-150000.3.17.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27239"
}
],
"notes": [
{
"category": "general",
"text": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-devel-6.9-150000.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27239",
"url": "https://www.suse.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "SUSE Bug 1197216 for CVE-2022-27239",
"url": "https://bugzilla.suse.com/1197216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-devel-6.9-150000.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:cifs-utils-devel-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-6.9-150000.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-devel-6.9-150000.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:cifs-utils-devel-6.9-150000.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-27T08:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-27239"
}
]
}
SUSE-SU-2022:14950-1
Vulnerability from csaf_suse - Published: 2022-04-27 07:59 - Updated: 2022-04-27 07:59Summary
Security update for cifs-utils
Severity
Important
Notes
Title of the patch: Security update for cifs-utils
Description of the patch: This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
Patchnames: sleposp3-cifs-utils-14950
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cifs-utils",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cifs-utils fixes the following issues:\n\n- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-cifs-utils-14950",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_14950-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:14950-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-202214950-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:14950-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010849.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197216",
"url": "https://bugzilla.suse.com/1197216"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27239/"
}
],
"title": "Security update for cifs-utils",
"tracking": {
"current_release_date": "2022-04-27T07:59:37Z",
"generator": {
"date": "2022-04-27T07:59:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:14950-1",
"initial_release_date": "2022-04-27T07:59:37Z",
"revision_history": [
{
"date": "2022-04-27T07:59:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-5.1-0.14.3.1.i586",
"product": {
"name": "cifs-utils-5.1-0.14.3.1.i586",
"product_id": "cifs-utils-5.1-0.14.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-5.1-0.14.3.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:cifs-utils-5.1-0.14.3.1.i586"
},
"product_reference": "cifs-utils-5.1-0.14.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27239"
}
],
"notes": [
{
"category": "general",
"text": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:cifs-utils-5.1-0.14.3.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27239",
"url": "https://www.suse.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "SUSE Bug 1197216 for CVE-2022-27239",
"url": "https://bugzilla.suse.com/1197216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:cifs-utils-5.1-0.14.3.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:cifs-utils-5.1-0.14.3.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-27T07:59:37Z",
"details": "moderate"
}
],
"title": "CVE-2022-27239"
}
]
}
SUSE-SU-2022:1429-1
Vulnerability from csaf_suse - Published: 2022-04-27 08:00 - Updated: 2022-04-27 08:00Summary
Security update for cifs-utils
Severity
Important
Notes
Title of the patch: Security update for cifs-utils
Description of the patch: This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
Patchnames: SUSE-2022-1429,SUSE-OpenStack-Cloud-9-2022-1429,SUSE-OpenStack-Cloud-Crowbar-9-2022-1429,SUSE-SLE-SAP-12-SP4-2022-1429,SUSE-SLE-SDK-12-SP5-2022-1429,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1429,SUSE-SLE-SERVER-12-SP5-2022-1429
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cifs-utils",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cifs-utils fixes the following issues:\n\n- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1429,SUSE-OpenStack-Cloud-9-2022-1429,SUSE-OpenStack-Cloud-Crowbar-9-2022-1429,SUSE-SLE-SAP-12-SP4-2022-1429,SUSE-SLE-SDK-12-SP5-2022-1429,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1429,SUSE-SLE-SERVER-12-SP5-2022-1429",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1429-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1429-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221429-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1429-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010850.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197216",
"url": "https://bugzilla.suse.com/1197216"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27239/"
}
],
"title": "Security update for cifs-utils",
"tracking": {
"current_release_date": "2022-04-27T08:00:29Z",
"generator": {
"date": "2022-04-27T08:00:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1429-1",
"initial_release_date": "2022-04-27T08:00:29Z",
"revision_history": [
{
"date": "2022-04-27T08:00:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-13.20.1.aarch64",
"product": {
"name": "cifs-utils-6.9-13.20.1.aarch64",
"product_id": "cifs-utils-6.9-13.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-13.20.1.aarch64",
"product": {
"name": "cifs-utils-devel-6.9-13.20.1.aarch64",
"product_id": "cifs-utils-devel-6.9-13.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-13.20.1.aarch64",
"product": {
"name": "pam_cifscreds-6.9-13.20.1.aarch64",
"product_id": "pam_cifscreds-6.9-13.20.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-13.20.1.i586",
"product": {
"name": "cifs-utils-6.9-13.20.1.i586",
"product_id": "cifs-utils-6.9-13.20.1.i586"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-13.20.1.i586",
"product": {
"name": "cifs-utils-devel-6.9-13.20.1.i586",
"product_id": "cifs-utils-devel-6.9-13.20.1.i586"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-13.20.1.i586",
"product": {
"name": "pam_cifscreds-6.9-13.20.1.i586",
"product_id": "pam_cifscreds-6.9-13.20.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-13.20.1.ppc64le",
"product": {
"name": "cifs-utils-6.9-13.20.1.ppc64le",
"product_id": "cifs-utils-6.9-13.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-13.20.1.ppc64le",
"product": {
"name": "cifs-utils-devel-6.9-13.20.1.ppc64le",
"product_id": "cifs-utils-devel-6.9-13.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-13.20.1.ppc64le",
"product": {
"name": "pam_cifscreds-6.9-13.20.1.ppc64le",
"product_id": "pam_cifscreds-6.9-13.20.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-13.20.1.s390",
"product": {
"name": "cifs-utils-6.9-13.20.1.s390",
"product_id": "cifs-utils-6.9-13.20.1.s390"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-13.20.1.s390",
"product": {
"name": "cifs-utils-devel-6.9-13.20.1.s390",
"product_id": "cifs-utils-devel-6.9-13.20.1.s390"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-13.20.1.s390",
"product": {
"name": "pam_cifscreds-6.9-13.20.1.s390",
"product_id": "pam_cifscreds-6.9-13.20.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-13.20.1.s390x",
"product": {
"name": "cifs-utils-6.9-13.20.1.s390x",
"product_id": "cifs-utils-6.9-13.20.1.s390x"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-13.20.1.s390x",
"product": {
"name": "cifs-utils-devel-6.9-13.20.1.s390x",
"product_id": "cifs-utils-devel-6.9-13.20.1.s390x"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-13.20.1.s390x",
"product": {
"name": "pam_cifscreds-6.9-13.20.1.s390x",
"product_id": "pam_cifscreds-6.9-13.20.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.9-13.20.1.x86_64",
"product": {
"name": "cifs-utils-6.9-13.20.1.x86_64",
"product_id": "cifs-utils-6.9-13.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.9-13.20.1.x86_64",
"product": {
"name": "cifs-utils-devel-6.9-13.20.1.x86_64",
"product_id": "cifs-utils-devel-6.9-13.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.9-13.20.1.x86_64",
"product": {
"name": "pam_cifscreds-6.9-13.20.1.x86_64",
"product_id": "pam_cifscreds-6.9-13.20.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:cifs-utils-6.9-13.20.1.x86_64"
},
"product_reference": "cifs-utils-6.9-13.20.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:cifs-utils-6.9-13.20.1.x86_64"
},
"product_reference": "cifs-utils-6.9-13.20.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cifs-utils-6.9-13.20.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-13.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:cifs-utils-6.9-13.20.1.x86_64"
},
"product_reference": "cifs-utils-6.9-13.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-13.20.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.9-13.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-13.20.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.9-13.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-13.20.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.s390x"
},
"product_reference": "cifs-utils-devel-6.9-13.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.9-13.20.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.9-13.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.aarch64"
},
"product_reference": "cifs-utils-6.9-13.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-13.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.s390x"
},
"product_reference": "cifs-utils-6.9-13.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.x86_64"
},
"product_reference": "cifs-utils-6.9-13.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.aarch64"
},
"product_reference": "cifs-utils-6.9-13.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-13.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.s390x"
},
"product_reference": "cifs-utils-6.9-13.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.x86_64"
},
"product_reference": "cifs-utils-6.9-13.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.aarch64"
},
"product_reference": "cifs-utils-6.9-13.20.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.ppc64le"
},
"product_reference": "cifs-utils-6.9-13.20.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.s390x"
},
"product_reference": "cifs-utils-6.9-13.20.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.9-13.20.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.x86_64"
},
"product_reference": "cifs-utils-6.9-13.20.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27239"
}
],
"notes": [
{
"category": "general",
"text": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.x86_64",
"SUSE OpenStack Cloud 9:cifs-utils-6.9-13.20.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cifs-utils-6.9-13.20.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27239",
"url": "https://www.suse.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "SUSE Bug 1197216 for CVE-2022-27239",
"url": "https://bugzilla.suse.com/1197216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.x86_64",
"SUSE OpenStack Cloud 9:cifs-utils-6.9-13.20.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cifs-utils-6.9-13.20.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:cifs-utils-6.9-13.20.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:cifs-utils-devel-6.9-13.20.1.x86_64",
"SUSE OpenStack Cloud 9:cifs-utils-6.9-13.20.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:cifs-utils-6.9-13.20.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-27T08:00:29Z",
"details": "moderate"
}
],
"title": "CVE-2022-27239"
}
]
}
SUSE-SU-2022:2378-1
Vulnerability from csaf_suse - Published: 2022-07-13 08:27 - Updated: 2022-07-13 08:27Summary
Security update for cifs-utils
Severity
Important
Notes
Title of the patch: Security update for cifs-utils
Description of the patch: This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).
Patchnames: SUSE-2022-2378,SUSE-SLE-Module-Basesystem-15-SP4-2022-2378,openSUSE-SLE-15.4-2022-2378
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cifs-utils",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cifs-utils fixes the following issues:\n\n- CVE-2022-27239: Fixed a buffer overflow in the command line ip option (bsc#1197216).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-2378,SUSE-SLE-Module-Basesystem-15-SP4-2022-2378,openSUSE-SLE-15.4-2022-2378",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2378-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2378-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222378-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2378-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011538.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197216",
"url": "https://bugzilla.suse.com/1197216"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27239/"
}
],
"title": "Security update for cifs-utils",
"tracking": {
"current_release_date": "2022-07-13T08:27:10Z",
"generator": {
"date": "2022-07-13T08:27:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2378-1",
"initial_release_date": "2022-07-13T08:27:10Z",
"revision_history": [
{
"date": "2022-07-13T08:27:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-150400.3.6.1.aarch64",
"product": {
"name": "cifs-utils-6.15-150400.3.6.1.aarch64",
"product_id": "cifs-utils-6.15-150400.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"product": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"product_id": "cifs-utils-devel-6.15-150400.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-150400.3.6.1.aarch64",
"product": {
"name": "pam_cifscreds-6.15-150400.3.6.1.aarch64",
"product_id": "pam_cifscreds-6.15-150400.3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-150400.3.6.1.i586",
"product": {
"name": "cifs-utils-6.15-150400.3.6.1.i586",
"product_id": "cifs-utils-6.15-150400.3.6.1.i586"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-150400.3.6.1.i586",
"product": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.i586",
"product_id": "cifs-utils-devel-6.15-150400.3.6.1.i586"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-150400.3.6.1.i586",
"product": {
"name": "pam_cifscreds-6.15-150400.3.6.1.i586",
"product_id": "pam_cifscreds-6.15-150400.3.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-150400.3.6.1.ppc64le",
"product": {
"name": "cifs-utils-6.15-150400.3.6.1.ppc64le",
"product_id": "cifs-utils-6.15-150400.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"product": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"product_id": "cifs-utils-devel-6.15-150400.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-150400.3.6.1.ppc64le",
"product": {
"name": "pam_cifscreds-6.15-150400.3.6.1.ppc64le",
"product_id": "pam_cifscreds-6.15-150400.3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-150400.3.6.1.s390x",
"product": {
"name": "cifs-utils-6.15-150400.3.6.1.s390x",
"product_id": "cifs-utils-6.15-150400.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-150400.3.6.1.s390x",
"product": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.s390x",
"product_id": "cifs-utils-devel-6.15-150400.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-150400.3.6.1.s390x",
"product": {
"name": "pam_cifscreds-6.15-150400.3.6.1.s390x",
"product_id": "pam_cifscreds-6.15-150400.3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-150400.3.6.1.x86_64",
"product": {
"name": "cifs-utils-6.15-150400.3.6.1.x86_64",
"product_id": "cifs-utils-6.15-150400.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"product": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"product_id": "cifs-utils-devel-6.15-150400.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-150400.3.6.1.x86_64",
"product": {
"name": "pam_cifscreds-6.15-150400.3.6.1.x86_64",
"product_id": "pam_cifscreds-6.15-150400.3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-150400.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.aarch64"
},
"product_reference": "cifs-utils-6.15-150400.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-150400.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.ppc64le"
},
"product_reference": "cifs-utils-6.15-150400.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-150400.3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.s390x"
},
"product_reference": "cifs-utils-6.15-150400.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-150400.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.x86_64"
},
"product_reference": "cifs-utils-6.15-150400.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.s390x"
},
"product_reference": "cifs-utils-devel-6.15-150400.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-150400.3.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.aarch64"
},
"product_reference": "cifs-utils-6.15-150400.3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-150400.3.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.ppc64le"
},
"product_reference": "cifs-utils-6.15-150400.3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-150400.3.6.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.s390x"
},
"product_reference": "cifs-utils-6.15-150400.3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-150400.3.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.x86_64"
},
"product_reference": "cifs-utils-6.15-150400.3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.s390x"
},
"product_reference": "cifs-utils-devel-6.15-150400.3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-150400.3.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.15-150400.3.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.aarch64"
},
"product_reference": "pam_cifscreds-6.15-150400.3.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.15-150400.3.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.ppc64le"
},
"product_reference": "pam_cifscreds-6.15-150400.3.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.15-150400.3.6.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.s390x"
},
"product_reference": "pam_cifscreds-6.15-150400.3.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.15-150400.3.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.x86_64"
},
"product_reference": "pam_cifscreds-6.15-150400.3.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27239"
}
],
"notes": [
{
"category": "general",
"text": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27239",
"url": "https://www.suse.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "SUSE Bug 1197216 for CVE-2022-27239",
"url": "https://bugzilla.suse.com/1197216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-6.15-150400.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:cifs-utils-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:cifs-utils-devel-6.15-150400.3.6.1.x86_64",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.aarch64",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.ppc64le",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.s390x",
"openSUSE Leap 15.4:pam_cifscreds-6.15-150400.3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-13T08:27:10Z",
"details": "moderate"
}
],
"title": "CVE-2022-27239"
}
]
}
GSD-2022-27239
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-27239",
"description": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"id": "GSD-2022-27239",
"references": [
"https://www.suse.com/security/cve/CVE-2022-27239.html",
"https://www.debian.org/security/2022/dsa-5157",
"https://advisories.mageia.org/CVE-2022-27239.html",
"https://ubuntu.com/security/CVE-2022-27239",
"https://alas.aws.amazon.com/cve/html/CVE-2022-27239.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-27239"
],
"details": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"id": "GSD-2022-27239",
"modified": "2023-12-13T01:19:41.092105Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-27239",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1197216",
"refsource": "MISC",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1197216"
},
{
"name": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba",
"refsource": "MISC",
"url": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba"
},
{
"name": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765",
"refsource": "MISC",
"url": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765"
},
{
"name": "https://bugzilla.samba.org/show_bug.cgi?id=15025",
"refsource": "MISC",
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15025"
},
{
"name": "https://github.com/piastry/cifs-utils/pull/7",
"refsource": "MISC",
"url": "https://github.com/piastry/cifs-utils/pull/7"
},
{
"name": "FEDORA-2022-eb2d3ca94d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/"
},
{
"name": "FEDORA-2022-7fda04ab5a",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/"
},
{
"name": "FEDORA-2022-34de4f833d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/"
},
{
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html"
},
{
"name": "DSA-5157",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5157"
},
{
"name": "GLSA-202311-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202311-05"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:samba:cifs-utils:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:openstack_cloud:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:openstack_cloud_crowbar:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:espos:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:-:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:espos:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_point_of_service:11.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:business_critical_linux:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:business_critical_linux:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_storage:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:helion_openstack:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-27239"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba"
},
{
"name": "https://bugzilla.samba.org/show_bug.cgi?id=15025",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Permissions Required",
"Vendor Advisory"
],
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15025"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1197216",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1197216"
},
{
"name": "https://github.com/piastry/cifs-utils/pull/7",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/piastry/cifs-utils/pull/7"
},
{
"name": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765"
},
{
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html"
},
{
"name": "DSA-5157",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5157"
},
{
"name": "FEDORA-2022-eb2d3ca94d",
"refsource": "",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/"
},
{
"name": "FEDORA-2022-7fda04ab5a",
"refsource": "",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/"
},
{
"name": "FEDORA-2022-34de4f833d",
"refsource": "",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/"
},
{
"name": "GLSA-202311-05",
"refsource": "",
"tags": [],
"url": "https://security.gentoo.org/glsa/202311-05"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-11-24T15:15Z",
"publishedDate": "2022-04-27T14:15Z"
}
}
}
GHSA-MHC8-VV44-HH59
Vulnerability from github – Published: 2022-04-28 00:00 – Updated: 2022-05-07 00:01
VLAI?
Details
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Severity ?
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2022-27239"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-27T14:15:00Z",
"severity": "HIGH"
},
"details": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"id": "GHSA-mhc8-vv44-hh59",
"modified": "2022-05-07T00:01:05Z",
"published": "2022-04-28T00:00:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27239"
},
{
"type": "WEB",
"url": "https://github.com/piastry/cifs-utils/pull/7"
},
{
"type": "WEB",
"url": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765"
},
{
"type": "WEB",
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15025"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1197216"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202311-05"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5157"
},
{
"type": "WEB",
"url": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2022-27239
Vulnerability from fkie_nvd - Published: 2022-04-27 14:15 - Updated: 2024-11-21 06:55
Severity ?
Summary
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.samba.org/show_bug.cgi?id=15025 | Issue Tracking, Permissions Required, Vendor Advisory | |
| cve@mitre.org | https://bugzilla.suse.com/show_bug.cgi?id=1197216 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/piastry/cifs-utils/pull/7 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 | Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202311-05 | ||
| cve@mitre.org | https://www.debian.org/security/2022/dsa-5157 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.samba.org/show_bug.cgi?id=15025 | Issue Tracking, Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1197216 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/piastry/cifs-utils/pull/7 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202311-05 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5157 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| samba | cifs-utils | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| suse | caas_platform | 4.0 | |
| suse | enterprise_storage | 6.0 | |
| suse | enterprise_storage | 7.0 | |
| suse | linux_enterprise_point_of_service | 11.0 | |
| suse | linux_enterprise_storage | 7.1 | |
| suse | manager_proxy | 4.1 | |
| suse | manager_proxy | 4.2 | |
| suse | manager_proxy | 4.3 | |
| suse | manager_retail_branch_server | 4.1 | |
| suse | manager_retail_branch_server | 4.2 | |
| suse | manager_retail_branch_server | 4.3 | |
| suse | manager_server | 4.1 | |
| suse | manager_server | 4.2 | |
| suse | manager_server | 4.3 | |
| suse | openstack_cloud | 8.0 | |
| suse | openstack_cloud | 9.0 | |
| suse | openstack_cloud_crowbar | 8.0 | |
| suse | openstack_cloud_crowbar | 9.0 | |
| suse | linux_enterprise_desktop | 15 | |
| suse | linux_enterprise_desktop | 15 | |
| suse | linux_enterprise_high_performance_computing | 12.0 | |
| suse | linux_enterprise_high_performance_computing | 15.0 | |
| suse | linux_enterprise_high_performance_computing | 15.0 | |
| suse | linux_enterprise_high_performance_computing | 15.0 | |
| suse | linux_enterprise_high_performance_computing | 15.0 | |
| suse | linux_enterprise_high_performance_computing | 15.0 | |
| suse | linux_enterprise_high_performance_computing | 15.0 | |
| suse | linux_enterprise_high_performance_computing | 15.0 | |
| suse | linux_enterprise_micro | 5.2 | |
| suse | linux_enterprise_micro | 5.2 | |
| suse | linux_enterprise_real_time | 15.0 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_server | 15 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| hp | helion_openstack | 8.0 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:cifs-utils:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A994C1D7-9394-43A0-976B-246980F5E77E",
"versionEndExcluding": "6.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB27A2D-549C-450E-A09E-B3316895F052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B20D44D-F87E-4692-8E04-695683F1ECE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7305944-AC9C-47A3-AADF-71A8B24830D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_point_of_service:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "694479D9-16C8-4B60-A4D3-975D9E0A7F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_storage:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B264EB20-49EA-4819-A92B-0748AEFFAC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9910C73A-3BCD-4F56-8C7D-79CB289640A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B0156BFA-9E83-43E6-9C73-9711AD054B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CAC2D0A4-56F8-4ED6-91E2-78434A016C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "450A3B3F-F26D-4EAB-BF5D-4C906C4A99DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5BDD59-5008-4DDC-B805-BB6B7DE8E1A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A69D3CCD-6590-46EF-9D3F-E903AB78E3BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5810E98-7BF5-42E2-9DE9-661049ABE367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0E46DEFD-659D-4D8F-BCD8-6B8A022F8FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A1532304-0EA2-4816-B481-C87C7386DC88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3BEB21-4080-4258-B95C-562D717AED0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83F8A7D8-FD3E-4C36-AB2A-A61449BF38C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud_crowbar:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1675CBE5-44D3-4326-AE8B-EEB9E25D783A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B631400C-0A5A-45A3-9DFA-B419E83D324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:*",
"matchCriteriaId": "ACB76FF0-B939-42E9-842B-171E929F317D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F648F64B-C3F2-4B14-906D-E48345303F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:*",
"matchCriteriaId": "F8C8AD43-557D-4285-BA46-9C5785F53229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:-:*:*:ltss:*:*:*",
"matchCriteriaId": "6CFA8943-A151-4E16-962D-75F1CB0C3C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:*",
"matchCriteriaId": "89C89474-3F7A-499E-8E7C-25952584A68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:*",
"matchCriteriaId": "CA2E84A0-A9ED-411B-9963-647D8A95D3D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:*",
"matchCriteriaId": "455B5F70-FDA0-4AE3-9C62-F0BC8E6C3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "A0E17861-F7C2-479B-B687-42419ADED014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:*",
"matchCriteriaId": "75A0B727-33A9-416B-9E83-5103ABE856B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:*",
"matchCriteriaId": "D0E679A3-3EAC-4603-BD89-E04EE26845B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:*",
"matchCriteriaId": "EACDFD9B-C423-4FD1-B9AA-0D6D7D93CB36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:*",
"matchCriteriaId": "825D86FE-87DA-4389-8097-D7CF34718CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4B0AC584-5E26-4ACE-BC19-9E69A302F238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "7B84C8D3-0B59-40DC-881D-D016A422E8CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:business_critical_linux:-:*:*",
"matchCriteriaId": "93A9AC01-6C1F-4025-BD7C-E02C4E3D0CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:sap:*:*",
"matchCriteriaId": "16729D9C-DC05-41BD-9B32-682983190CE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:business_critical_linux:-:*:*",
"matchCriteriaId": "EA9DC756-8E39-4AB6-B9D4-2A4100FF8D04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:espos:*:*:*",
"matchCriteriaId": "77F1991E-E0D6-4BDE-BDF0-D34D6E67AAD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "C6622CD4-DF4B-4064-BAEB-5E382C4B05C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:*",
"matchCriteriaId": "E279968E-C62B-4888-899A-2BF57E8F8692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:*:*:*",
"matchCriteriaId": "65709414-EAE0-4EA7-9C5F-EBDA80FF2A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "7E05EE7E-993C-4107-9A15-EBE0D2268239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:*",
"matchCriteriaId": "471E110C-10CC-4C36-BDE1-BBB27EF5C6EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*",
"matchCriteriaId": "C665A768-DBDA-4197-9159-A2791E98A84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:espos:*:*:*",
"matchCriteriaId": "88FFABAC-A728-4172-9A1E-2B84E82219D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:ltss:*:*:*",
"matchCriteriaId": "B1065E14-69B3-4643-ACF7-3C14BF07C783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:*",
"matchCriteriaId": "26FDBC27-D993-4A93-BC70-753FA21F4C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:*:*:*",
"matchCriteriaId": "55A521F2-51C3-4356-A8D6-BD5A1BD60C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:*",
"matchCriteriaId": "A256B5D1-49D2-4363-AAD6-30FD32F0D132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "6E1420DB-3DF2-4A95-B703-913D67727295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:*",
"matchCriteriaId": "6C2EACE6-C127-4B13-8002-8EEBEE8D549B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:*",
"matchCriteriaId": "72FDB554-E771-42DA-8B9E-DB5CB545A660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*",
"matchCriteriaId": "6C734CEC-64F2-4129-B52E-C81884B3AC9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:helion_openstack:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "541BB602-443D-4D8E-A46F-5EC4A9702E17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges."
},
{
"lang": "es",
"value": "En cifs-utils versiones hasta 6.14, un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria cuando es analizado el argumento de l\u00ednea de comandos mount.cifs ip= podr\u00eda conllevar a que atacantes locales obtuvieran privilegios de root"
}
],
"id": "CVE-2022-27239",
"lastModified": "2024-11-21T06:55:28.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-27T14:15:09.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Permissions Required",
"Vendor Advisory"
],
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15025"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1197216"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/piastry/cifs-utils/pull/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202311-05"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Permissions Required",
"Vendor Advisory"
],
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1197216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/piastry/cifs-utils/pull/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202311-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5157"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
MSRC_CVE-2022-27239
Vulnerability from csaf_microsoft - Published: 2022-04-02 00:00 - Updated: 2022-05-11 00:00Summary
In cifs-utils through 6.14 a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.8 (High)
Vendor Fix
6.8-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
Vendor Fix
6.14-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
References
| URL | Category | |
|---|---|---|
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2022-27239 In cifs-utils through 6.14 a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-27239.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "In cifs-utils through 6.14 a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"tracking": {
"current_release_date": "2022-05-11T00:00:00.000Z",
"generator": {
"date": "2025-10-19T23:28:52.831Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2022-27239",
"initial_release_date": "2022-04-02T00:00:00.000Z",
"revision_history": [
{
"date": "2022-05-07T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2022-05-11T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added cifs-utils to CBL-Mariner 1.0"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 cifs-utils 6.8-6",
"product": {
"name": "\u003ccm1 cifs-utils 6.8-6",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cm1 cifs-utils 6.8-6",
"product": {
"name": "cm1 cifs-utils 6.8-6",
"product_id": "18733"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 cifs-utils 6.14-2",
"product": {
"name": "\u003ccbl2 cifs-utils 6.14-2",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 cifs-utils 6.14-2",
"product": {
"name": "cbl2 cifs-utils 6.14-2",
"product_id": "18734"
}
}
],
"category": "product_name",
"name": "cifs-utils"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 cifs-utils 6.8-6 as a component of CBL Mariner 1.0",
"product_id": "16820-2"
},
"product_reference": "2",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 cifs-utils 6.8-6 as a component of CBL Mariner 1.0",
"product_id": "18733-16820"
},
"product_reference": "18733",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 cifs-utils 6.14-2 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cifs-utils 6.14-2 as a component of CBL Mariner 2.0",
"product_id": "18734-17086"
},
"product_reference": "18734",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"18733-16820",
"18734-17086"
],
"known_affected": [
"16820-2",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-27239 In cifs-utils through 6.14 a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2022/msrc_cve-2022-27239.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-07T00:00:00.000Z",
"details": "6.8-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2022-05-07T00:00:00.000Z",
"details": "6.14-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"16820-2",
"17086-1"
]
}
],
"title": "In cifs-utils through 6.14 a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges."
}
]
}
RHBA-2023:3052
Vulnerability from csaf_redhat - Published: 2023-05-16 08:22 - Updated: 2025-11-21 17:23Summary
Red Hat Bug Fix Advisory: cifs-utils bug fix and enhancement update
Severity
Moderate
Notes
Topic: An update for cifs-utils is now available for Red Hat Enterprise Linux 8.
Details: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A stack-based buffer overflow issue was found in cifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHBA-2023:3052
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for cifs-utils is now available for Red Hat Enterprise Linux 8.",
"title": "Topic"
},
{
"category": "general",
"text": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:3052",
"url": "https://access.redhat.com/errata/RHBA-2023:3052"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index"
},
{
"category": "external",
"summary": "2163373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163373"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_3052.json"
}
],
"title": "Red Hat Bug Fix Advisory: cifs-utils bug fix and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T17:23:22+00:00",
"generator": {
"date": "2025-11-21T17:23:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHBA-2023:3052",
"initial_release_date": "2023-05-16T08:22:54+00:00",
"revision_history": [
{
"date": "2023-05-16T08:22:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-16T08:22:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:23:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-devel-0:7.0-1.el8.aarch64",
"product": {
"name": "cifs-utils-devel-0:7.0-1.el8.aarch64",
"product_id": "cifs-utils-devel-0:7.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-devel@7.0-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"product": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"product_id": "cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debugsource@7.0-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"product": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"product_id": "cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debuginfo@7.0-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"product": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"product_id": "pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds-debuginfo@7.0-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-0:7.0-1.el8.aarch64",
"product": {
"name": "cifs-utils-0:7.0-1.el8.aarch64",
"product_id": "cifs-utils-0:7.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils@7.0-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-0:7.0-1.el8.aarch64",
"product": {
"name": "pam_cifscreds-0:7.0-1.el8.aarch64",
"product_id": "pam_cifscreds-0:7.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds@7.0-1.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-devel-0:7.0-1.el8.ppc64le",
"product": {
"name": "cifs-utils-devel-0:7.0-1.el8.ppc64le",
"product_id": "cifs-utils-devel-0:7.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-devel@7.0-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"product": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"product_id": "cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debugsource@7.0-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"product": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"product_id": "cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debuginfo@7.0-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"product": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"product_id": "pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds-debuginfo@7.0-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-0:7.0-1.el8.ppc64le",
"product": {
"name": "cifs-utils-0:7.0-1.el8.ppc64le",
"product_id": "cifs-utils-0:7.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils@7.0-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-0:7.0-1.el8.ppc64le",
"product": {
"name": "pam_cifscreds-0:7.0-1.el8.ppc64le",
"product_id": "pam_cifscreds-0:7.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds@7.0-1.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-devel-0:7.0-1.el8.i686",
"product": {
"name": "cifs-utils-devel-0:7.0-1.el8.i686",
"product_id": "cifs-utils-devel-0:7.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-devel@7.0-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debugsource-0:7.0-1.el8.i686",
"product": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.i686",
"product_id": "cifs-utils-debugsource-0:7.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debugsource@7.0-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debuginfo-0:7.0-1.el8.i686",
"product": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.i686",
"product_id": "cifs-utils-debuginfo-0:7.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debuginfo@7.0-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"product": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"product_id": "pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds-debuginfo@7.0-1.el8?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-devel-0:7.0-1.el8.x86_64",
"product": {
"name": "cifs-utils-devel-0:7.0-1.el8.x86_64",
"product_id": "cifs-utils-devel-0:7.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-devel@7.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"product": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"product_id": "cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debugsource@7.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"product": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"product_id": "cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debuginfo@7.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64",
"product": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64",
"product_id": "pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds-debuginfo@7.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-0:7.0-1.el8.x86_64",
"product": {
"name": "cifs-utils-0:7.0-1.el8.x86_64",
"product_id": "cifs-utils-0:7.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils@7.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-0:7.0-1.el8.x86_64",
"product": {
"name": "pam_cifscreds-0:7.0-1.el8.x86_64",
"product_id": "pam_cifscreds-0:7.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds@7.0-1.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-devel-0:7.0-1.el8.s390x",
"product": {
"name": "cifs-utils-devel-0:7.0-1.el8.s390x",
"product_id": "cifs-utils-devel-0:7.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-devel@7.0-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debugsource-0:7.0-1.el8.s390x",
"product": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.s390x",
"product_id": "cifs-utils-debugsource-0:7.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debugsource@7.0-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"product": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"product_id": "cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils-debuginfo@7.0-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"product": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"product_id": "pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds-debuginfo@7.0-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cifs-utils-0:7.0-1.el8.s390x",
"product": {
"name": "cifs-utils-0:7.0-1.el8.s390x",
"product_id": "cifs-utils-0:7.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils@7.0-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pam_cifscreds-0:7.0-1.el8.s390x",
"product": {
"name": "pam_cifscreds-0:7.0-1.el8.s390x",
"product_id": "pam_cifscreds-0:7.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pam_cifscreds@7.0-1.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-0:7.0-1.el8.src",
"product": {
"name": "cifs-utils-0:7.0-1.el8.src",
"product_id": "cifs-utils-0:7.0-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cifs-utils@7.0-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.aarch64"
},
"product_reference": "cifs-utils-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.ppc64le"
},
"product_reference": "cifs-utils-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.s390x"
},
"product_reference": "cifs-utils-0:7.0-1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.src"
},
"product_reference": "cifs-utils-0:7.0-1.el8.src",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.x86_64"
},
"product_reference": "cifs-utils-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.aarch64"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.i686"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.ppc64le"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.s390x"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.x86_64"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.aarch64"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.i686"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.ppc64le"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.s390x"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.x86_64"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.aarch64"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.i686"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.ppc64le"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.s390x"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.x86_64"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.aarch64"
},
"product_reference": "pam_cifscreds-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.ppc64le"
},
"product_reference": "pam_cifscreds-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.s390x"
},
"product_reference": "pam_cifscreds-0:7.0-1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.x86_64"
},
"product_reference": "pam_cifscreds-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.i686"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.s390x"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.aarch64"
},
"product_reference": "cifs-utils-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.ppc64le"
},
"product_reference": "cifs-utils-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.s390x"
},
"product_reference": "cifs-utils-0:7.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.src as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.src"
},
"product_reference": "cifs-utils-0:7.0-1.el8.src",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.x86_64"
},
"product_reference": "cifs-utils-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.aarch64"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.i686"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.ppc64le"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.s390x"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debuginfo-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.x86_64"
},
"product_reference": "cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.aarch64"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.i686"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.ppc64le"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.s390x"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-debugsource-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.x86_64"
},
"product_reference": "cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.aarch64"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.i686"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.ppc64le"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.s390x"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.x86_64"
},
"product_reference": "cifs-utils-devel-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.aarch64"
},
"product_reference": "pam_cifscreds-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.ppc64le"
},
"product_reference": "pam_cifscreds-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.s390x"
},
"product_reference": "pam_cifscreds-0:7.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.x86_64"
},
"product_reference": "pam_cifscreds-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.i686"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.s390x"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.8.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64"
},
"product_reference": "pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.8.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2081040"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow issue was found in cifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cifs-utils: stack-based buffer overflow mount.cifs may lead to local privilege escalation to root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The mount.cifs binary file is shipped without setuid privileges as default which prevents an attacker to gain root privileges hence lowering the flaw impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.src",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.src",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "RHBZ#2081040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081040"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27239"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27239",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27239"
}
],
"release_date": "2022-04-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-16T08:22:54+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.src",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.src",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:3052"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.src",
"BaseOS-8.8.0.GA:cifs-utils-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.x86_64",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"BaseOS-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.src",
"CRB-8.8.0.GA:cifs-utils-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-debuginfo-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-debugsource-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:cifs-utils-devel-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:pam_cifscreds-0:7.0-1.el8.x86_64",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.aarch64",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.i686",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.ppc64le",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.s390x",
"CRB-8.8.0.GA:pam_cifscreds-debuginfo-0:7.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cifs-utils: stack-based buffer overflow mount.cifs may lead to local privilege escalation to root"
}
]
}
OPENSUSE-SU-2024:12087-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
cifs-utils-6.15-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: cifs-utils-6.15-1.1 on GA media
Description of the patch: These are all security issues fixed in the cifs-utils-6.15-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12087
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "cifs-utils-6.15-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the cifs-utils-6.15-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12087",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12087-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27239 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27239/"
}
],
"title": "cifs-utils-6.15-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12087-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-1.1.aarch64",
"product": {
"name": "cifs-utils-6.15-1.1.aarch64",
"product_id": "cifs-utils-6.15-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-1.1.aarch64",
"product": {
"name": "cifs-utils-devel-6.15-1.1.aarch64",
"product_id": "cifs-utils-devel-6.15-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-1.1.aarch64",
"product": {
"name": "pam_cifscreds-6.15-1.1.aarch64",
"product_id": "pam_cifscreds-6.15-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-1.1.ppc64le",
"product": {
"name": "cifs-utils-6.15-1.1.ppc64le",
"product_id": "cifs-utils-6.15-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-1.1.ppc64le",
"product": {
"name": "cifs-utils-devel-6.15-1.1.ppc64le",
"product_id": "cifs-utils-devel-6.15-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-1.1.ppc64le",
"product": {
"name": "pam_cifscreds-6.15-1.1.ppc64le",
"product_id": "pam_cifscreds-6.15-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-1.1.s390x",
"product": {
"name": "cifs-utils-6.15-1.1.s390x",
"product_id": "cifs-utils-6.15-1.1.s390x"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-1.1.s390x",
"product": {
"name": "cifs-utils-devel-6.15-1.1.s390x",
"product_id": "cifs-utils-devel-6.15-1.1.s390x"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-1.1.s390x",
"product": {
"name": "pam_cifscreds-6.15-1.1.s390x",
"product_id": "pam_cifscreds-6.15-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cifs-utils-6.15-1.1.x86_64",
"product": {
"name": "cifs-utils-6.15-1.1.x86_64",
"product_id": "cifs-utils-6.15-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "cifs-utils-devel-6.15-1.1.x86_64",
"product": {
"name": "cifs-utils-devel-6.15-1.1.x86_64",
"product_id": "cifs-utils-devel-6.15-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "pam_cifscreds-6.15-1.1.x86_64",
"product": {
"name": "pam_cifscreds-6.15-1.1.x86_64",
"product_id": "pam_cifscreds-6.15-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cifs-utils-6.15-1.1.aarch64"
},
"product_reference": "cifs-utils-6.15-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cifs-utils-6.15-1.1.ppc64le"
},
"product_reference": "cifs-utils-6.15-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cifs-utils-6.15-1.1.s390x"
},
"product_reference": "cifs-utils-6.15-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-6.15-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cifs-utils-6.15-1.1.x86_64"
},
"product_reference": "cifs-utils-6.15-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.aarch64"
},
"product_reference": "cifs-utils-devel-6.15-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.ppc64le"
},
"product_reference": "cifs-utils-devel-6.15-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.s390x"
},
"product_reference": "cifs-utils-devel-6.15-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cifs-utils-devel-6.15-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.x86_64"
},
"product_reference": "cifs-utils-devel-6.15-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.15-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.aarch64"
},
"product_reference": "pam_cifscreds-6.15-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.15-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.ppc64le"
},
"product_reference": "pam_cifscreds-6.15-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.15-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.s390x"
},
"product_reference": "pam_cifscreds-6.15-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pam_cifscreds-6.15-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.x86_64"
},
"product_reference": "pam_cifscreds-6.15-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27239"
}
],
"notes": [
{
"category": "general",
"text": "In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.aarch64",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.s390x",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.x86_64",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.aarch64",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.s390x",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.x86_64",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.aarch64",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.s390x",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27239",
"url": "https://www.suse.com/security/cve/CVE-2022-27239"
},
{
"category": "external",
"summary": "SUSE Bug 1197216 for CVE-2022-27239",
"url": "https://bugzilla.suse.com/1197216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.aarch64",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.s390x",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.x86_64",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.aarch64",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.s390x",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.x86_64",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.aarch64",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.s390x",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.aarch64",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.s390x",
"openSUSE Tumbleweed:cifs-utils-6.15-1.1.x86_64",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.aarch64",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.s390x",
"openSUSE Tumbleweed:cifs-utils-devel-6.15-1.1.x86_64",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.aarch64",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.ppc64le",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.s390x",
"openSUSE Tumbleweed:pam_cifscreds-6.15-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-27239"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…