CVE-2022-27239

Related Files

Gentoo Linux Security Advisory 202311-05

Posted Nov 25, 2023

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202311-5 - Multiple vulnerabilities have been discovered in LinuxCIFS utils, the worst of which can lead to local root privilege escalation. Versions greater than or equal to 6.15 are affected.

tags | advisory, local, root, vulnerability

systems | linux, gentoo

advisories | CVE-2022-27239, CVE-2022-29869

SHA-256 | 2df3a244ab0a653e6ab0651e00d597833f4a9040f9e8b554d3af1aa0e1eab561

Download | Favorite | View

Debian Security Advisory 5157-1

Posted Jun 28, 2022

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5157-1 - Jeffrey Bencteux reported two vulnerabilities in cifs-utils, the Common Internet File System utilities, which can result in escalation of privileges (CVE-2022-27239) or an information leak (CVE-2022-29869).

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2022-27239, CVE-2022-29869

SHA-256 | e9e99e95a503b8fd17bc9925f7fa0a417a022dff508cb9dbbc61b6e4de1d414e

Download | Favorite | View

Ubuntu Security Notice USN-5459-1

Posted Jun 3, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5459-1 - Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that cifs-utils incorrectly used host credentials when mounting a krb5 CIFS file system from within a container. An attacker inside a container could possibly use this issue to obtain access to sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, shell, local

systems | linux, ubuntu

advisories | CVE-2020-14342, CVE-2021-20208, CVE-2022-27239, CVE-2022-29869

SHA-256 | 2742ad8c53c8d4078d2663f3a6a291fda0c5b7a8aaddb41246e402f6bb7d11f1

Download | Favorite | View