CVE-2022-27239

Опубликовано: 27 апр. 2022

Источник: debian

EPSS Низкий

Описание

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
cifs-utils	fixed	2:6.14-1.1		package

Примечания

https://bugzilla.samba.org/show_bug.cgi?id=15025
https://bugzilla.suse.com/show_bug.cgi?id=1197216
https://github.com/piastry/cifs-utils/pull/7
https://git.samba.org/cifs-utils.git/?p=cifs-utils.git;a=commit;h=007c07fd91b6d42f8bd45187cf78ebb06801139d (cifs-utils-6.15)

EPSS

Процентиль: 14%

0.00045

Низкий

Связанные уязвимости

CVE-2022-27239

CVSS3: 7.8

ubuntu

больше 3 лет назад

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2022-27239

CVSS3: 7

redhat

больше 3 лет назад

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2022-27239

CVSS3: 7.8

nvd

больше 3 лет назад

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2022-27239

CVSS3: 7.8

msrc

больше 3 лет назад

Описание отсутствует

SUSE-SU-2022:2378-1

suse-cvrf

больше 3 лет назад

Security update for cifs-utils

EPSS

Процентиль: 14%

0.00045

Низкий