CVE-2022-29869

Published: 28/04/2022 Updated: 24/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

cifs-utils up to and including 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

Vulnerable Product

samba cifs-utils

fedoraproject fedora 34

fedoraproject fedora 35

fedoraproject fedora 36

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

Vendor Advisories

Debian Bug report logs - #1010818 cifs-utils: CVE-2022-27239 CVE-2022-29869. Package: src:cifs-utils; Maintainer for src:cifs-utils is Debian Samba Maintainers <pkg-samba-maint@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Tue, 10 May 2022 19:33:02 UTC; Severity: grave; Tags: patc ...
Several security issues were fixed in cifs-utils ...
Jeffrey Bencteux reported two vulnerabilities in cifs-utils, the Common Internet File System utilities, which can result in escalation of privileges (CVE-2022-27239) or an information leak (CVE-2022-29869). For the oldstable distribution (buster), these problems have been fixed in version 2:6.8-2+deb10u1. For the stable distribution (bullseye), the ...
A stack-based buffer overflow issue was found in cifs-utils. Parsing the mount.cifs ip= command-line argument can lead to local attackers gaining root privileges (CVE-2022-27239). A flaw was found in cifs-utils. When verbose logging is enabled, invalid credentials file lines may be dumped to stderr. This may lead to information disclosure in particu ...
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file ...