CVE-2022-27239: Buffer Overflow
First published: Wed Apr 27 2022(Updated: )
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/cifs-utils | <=2:6.11-3.1<=2:6.8-2<=2:6.14-1 | 2:6.14-1.1 2:6.11-3.1+deb11u1 2:6.8-2+deb10u1 |
| debian/cifs-utils | 2:6.8-2+deb10u1 2:6.11-3.1+deb11u1 2:7.0-2 | |
| Samba | <6.15 | |
| Debian | =9.0 | |
| Debian | =10.0 | |
| Debian | =11.0 | |
| SUSE CaaS Platform | =4.0 | |
| SUSE Enterprise Storage | =6.0 | |
| SUSE Enterprise Storage | =7.0 | |
| SUSE Linux Enterprise Point of Service | =11.0-sp3 | |
| suse linux enterprise storage | =7.1 | |
| suse manager proxy | =4.1 | |
| suse manager proxy | =4.2 | |
| suse manager proxy | =4.3 | |
| suse manager retail branch server | =4.1 | |
| suse manager retail branch server | =4.2 | |
| suse manager retail branch server | =4.3 | |
| SUSE Manager Server | =4.1 | |
| SUSE Manager Server | =4.2 | |
| SUSE Manager Server | =4.3 | |
| openSUSE OpenStack Cloud | =8.0 | |
| openSUSE OpenStack Cloud | =9.0 | |
| Dell Crowbar | =8.0 | |
| Dell Crowbar | =9.0 | |
| SUSE Linux Enterprise Desktop with Beagle | =15-sp3 | |
| SUSE Linux Enterprise Desktop with Beagle | =15-sp4 | |
| SUSE Linux Enterprise High Performance Computing | =12.0-sp5 | |
| SUSE Linux Enterprise High Performance Computing | =15.0 | |
| SUSE Linux Enterprise High Performance Computing | =15.0-sp1 | |
| SUSE Linux Enterprise High Performance Computing | =15.0-sp1 | |
| SUSE Linux Enterprise High Performance Computing | =15.0-sp2 | |
| SUSE Linux Enterprise High Performance Computing | =15.0-sp2 | |
| SUSE Linux Enterprise High Performance Computing | =15.0-sp3 | |
| SUSE Linux Enterprise High Performance Computing | =15.0-sp4 | |
| suse linux enterprise micro | =5.2 | |
| suse linux enterprise micro rancher | =5.2 | |
| SUSE Linux Enterprise Real Time Extension | =15.0-sp2 | |
| SUSE Linux Enterprise Server | =11-sp3 | |
| SUSE Linux Enterprise Server | =11-sp4 | |
| SUSE Linux Enterprise Server | =12-sp2 | |
| suse linux enterprise server sap | =12-sp3 | |
| SUSE Linux Enterprise Server | =12-sp3 | |
| SUSE Linux Enterprise Server | =12-sp3 | |
| SUSE Linux Enterprise Server | =12-sp3 | |
| suse linux enterprise server sap | =12-sp4 | |
| SUSE Linux Enterprise Server | =12-sp4 | |
| SUSE Linux Enterprise Server | =12-sp4 | |
| suse linux enterprise server sap | =12-sp5 | |
| suse linux enterprise server sap | =15 | |
| SUSE Linux Enterprise Server | =15 | |
| SUSE Linux Enterprise Server | =15 | |
| SUSE Linux Enterprise Server | =15-sp1 | |
| SUSE Linux Enterprise Server | =15-sp1 | |
| SUSE Linux Enterprise Server | =15-sp2 | |
| SUSE Linux Enterprise Server | =15-sp2 | |
| SUSE Linux Enterprise Server | =15-sp3 | |
| SUSE Linux Enterprise Server | =15-sp4 | |
| SUSE Linux Enterprise Software Development Kit | =12-sp5 | |
| HP Helion OpenStack | =8.0 | |
| Fedora | =34 | |
| Fedora | =35 | |
| Fedora | =36 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security-tracker.debian.org/tracker/CVE-2022-27239
- https://security-tracker.debian.org/tracker/CVE-2022-29869
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27239
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29869
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010818
- https://bugzilla.samba.org/show_bug.cgi?id=15025
- https://bugzilla.suse.com/show_bug.cgi?id=1197216
- https://github.com/piastry/cifs-utils/pull/7
- https://git.samba.org/cifs-utils.git/?p=cifs-utils.git;a=commit;h=007c07fd91b6d42f8bd45187cf78ebb06801139d
- http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba
- https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/
- https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html
- https://www.debian.org/security/2022/dsa-5157
- https://security.gentoo.org/glsa/202311-05
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/
Frequently Asked Questions
What is the severity of CVE-2022-27239?
CVE-2022-27239 is classified as a high severity vulnerability due to the potential for local attackers to gain root privileges.
How do I fix CVE-2022-27239?
To fix CVE-2022-27239, update cifs-utils to version 6.15 or later.
Who is affected by CVE-2022-27239?
CVE-2022-27239 affects versions of cifs-utils prior to 6.15 across various Debian and SUSE Linux distributions.
What types of attacks can exploit CVE-2022-27239?
CVE-2022-27239 can be exploited by local attackers through a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument.
What is the impact of CVE-2022-27239 on systems?
The impact of CVE-2022-27239 is that it allows local attackers to execute arbitrary code with elevated privileges.
- collector/debian-bugs
- alias/CVE-2022-27239
- collector/security-tracker-debian
- agent/type
- agent/event
- agent/first-publish-date
- agent/remedy
- agent/weakness
- agent/severity
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/author
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- package-manager/debian
- vendor/samba
- canonical/samba
- vendor/debian
- canonical/debian
- version/debian/9.0
- version/debian/10.0
- version/debian/11.0
- vendor/suse
- canonical/suse caas platform
- version/suse caas platform/4.0
- canonical/suse enterprise storage
- version/suse enterprise storage/6.0
- version/suse enterprise storage/7.0
- canonical/suse linux enterprise point of service
- version/suse linux enterprise point of service/11.0-sp3
- canonical/suse linux enterprise storage
- version/suse linux enterprise storage/7.1
- canonical/suse manager proxy
- version/suse manager proxy/4.1
- version/suse manager proxy/4.2
- version/suse manager proxy/4.3
- canonical/suse manager retail branch server
- version/suse manager retail branch server/4.1
- version/suse manager retail branch server/4.2
- version/suse manager retail branch server/4.3
- canonical/suse manager server
- version/suse manager server/4.1
- version/suse manager server/4.2
- version/suse manager server/4.3
- canonical/opensuse openstack cloud
- version/opensuse openstack cloud/8.0
- version/opensuse openstack cloud/9.0
- canonical/dell crowbar
- version/dell crowbar/8.0
- version/dell crowbar/9.0
- canonical/suse linux enterprise desktop with beagle
- version/suse linux enterprise desktop with beagle/15-sp3
- version/suse linux enterprise desktop with beagle/15-sp4
- canonical/suse linux enterprise high performance computing
- version/suse linux enterprise high performance computing/12.0-sp5
- version/suse linux enterprise high performance computing/15.0
- version/suse linux enterprise high performance computing/15.0-sp1
- version/suse linux enterprise high performance computing/15.0-sp2
- version/suse linux enterprise high performance computing/15.0-sp3
- version/suse linux enterprise high performance computing/15.0-sp4
- canonical/suse linux enterprise micro
- version/suse linux enterprise micro/5.2
- canonical/suse linux enterprise micro rancher
- version/suse linux enterprise micro rancher/5.2
- canonical/suse linux enterprise real time extension
- version/suse linux enterprise real time extension/15.0-sp2
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11-sp3
- version/suse linux enterprise server/11-sp4
- version/suse linux enterprise server/12-sp2
- canonical/suse linux enterprise server sap
- version/suse linux enterprise server sap/12-sp3
- version/suse linux enterprise server/12-sp3
- version/suse linux enterprise server sap/12-sp4
- version/suse linux enterprise server/12-sp4
- version/suse linux enterprise server sap/12-sp5
- version/suse linux enterprise server sap/15
- version/suse linux enterprise server/15
- version/suse linux enterprise server/15-sp1
- version/suse linux enterprise server/15-sp2
- version/suse linux enterprise server/15-sp3
- version/suse linux enterprise server/15-sp4
- canonical/suse linux enterprise software development kit
- version/suse linux enterprise software development kit/12-sp5
- vendor/hp
- canonical/hp helion openstack
- version/hp helion openstack/8.0
- vendor/fedoraproject
- canonical/fedora
- version/fedora/34
- version/fedora/35
- version/fedora/36