Vulnerability Name: CVE-2022-27239 (CCN-225275) Assigned: 2022-04-27 Published: 2022-04-27 Updated: 2022-10-05 Summary: In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. CVSS v3 Severity: 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H )6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H )7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-787 Vulnerability Consequences: Gain Privileges References: Source: MITRE Type: CNACVE-2022-27239 Source: MISC Type: Third Party Advisoryhttp://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba Source: MISC Type: Issue Tracking, Permissions Required, Vendor Advisoryhttps://bugzilla.samba.org/show_bug.cgi?id=15025 Source: CCN Type: Bugzilla - Bug 1197216(CVE-2022-27239) VUL-0: CVE-2022-27239: cifs-utils: buffer overflow in commandline ip= handling Source: MISC Type: Issue Tracking, Patch, Third Party Advisoryhttps://bugzilla.suse.com/show_bug.cgi?id=1197216 Source: XF Type: UNKNOWNcifsutils-cve202227239-bo(225275) Source: CCN Type: cifs-utils GIT Repositorymount.cifs: two bug fixes #7 Source: MISC Type: Issue Tracking, Patch, Third Party Advisoryhttps://github.com/piastry/cifs-utils/pull/7 Source: MISC Type: Patch, Third Party Advisoryhttps://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 Source: MLIST Type: Mailing List, Third Party Advisory[debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update Source: FEDORA Type: Mailing List, Third Party AdvisoryFEDORA-2022-34de4f833d Source: FEDORA Type: Mailing List, Third Party AdvisoryFEDORA-2022-7fda04ab5a Source: FEDORA Type: Mailing List, Third Party AdvisoryFEDORA-2022-eb2d3ca94d Source: CCN Type: oss-sec Mailing List, Wed, 27 Apr 2022 09:45:54 +0200CVE-2022-27239: cifs-utils mount.cifs buffer overflow in ip parameter Source: DEBIAN Type: Third Party AdvisoryDSA-5157 Source: CCN Type: Mend Vulnerability DatabaseCVE-2022-27239 Vulnerable Configuration: Configuration 1 :cpe:/a:samba:cifs-utils:*:*:*:*:*:*:*:* (Version < 6.15)Configuration 2 :cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:* OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:* OR cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:* Configuration 3 :cpe:/o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:* OR cpe:/a:suse:openstack_cloud:8.0:*:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:* OR cpe:/o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:* OR cpe:/a:suse:openstack_cloud_crowbar:8.0:*:*:*:*:*:*:* OR cpe:/a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:* OR cpe:/a:suse:openstack_cloud:9.0:*:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp3:*:*:ltss:*:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp3:*:*:*:sap:*:* OR cpe:/o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:* OR cpe:/a:suse:manager_server:4.1:*:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:* OR cpe:/o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:* OR cpe:/a:suse:enterprise_storage:7.0:*:*:*:*:*:*:* OR cpe:/a:suse:caas_platform:4.0:*:*:*:*:*:*:* OR cpe:/a:suse:enterprise_storage:6.0:*:*:*:*:*:*:* OR cpe:/a:suse:manager_proxy:4.1:*:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:15:-:*:*:espos:*:*:* OR cpe:/o:suse:linux_enterprise_server:15:-:*:*:ltss:*:*:* OR cpe:/o:suse:linux_enterprise_server:15:sp1:*:*:ltss:*:*:* OR cpe:/o:suse:linux_enterprise_server:15:sp2:*:*:ltss:*:*:* OR cpe:/o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:* OR cpe:/o:suse:linux_enterprise_high_performance_computing:15.0:-:*:*:ltss:*:*:* OR cpe:/o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:* OR cpe:/o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:* OR cpe:/o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:* OR cpe:/o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:* OR cpe:/o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:* OR cpe:/o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp4:*:*:espos:*:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp4:*:*:ltss:*:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp3:*:*:espos:*:*:* OR cpe:/o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:* OR cpe:/a:suse:linux_enterprise_point_of_service:11.0:sp3:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:* OR cpe:/o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp2:*:*:business_critical_linux:-:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp3:*:*:business_critical_linux:-:*:* OR cpe:/o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:* OR cpe:/o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:* OR cpe:/o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:* OR cpe:/a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:* OR cpe:/a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:* OR cpe:/a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:* OR cpe:/a:suse:manager_server:4.2:*:*:*:*:*:*:* OR cpe:/a:suse:manager_server:4.3:*:*:*:*:*:*:* OR cpe:/a:suse:manager_proxy:4.2:*:*:*:*:*:*:* OR cpe:/a:suse:manager_proxy:4.3:*:*:*:*:*:*:* OR cpe:/a:suse:linux_enterprise_storage:7.1:*:*:*:*:*:*:* Configuration 4 :cpe:/a:hp:helion_openstack:8.0:*:*:*:*:*:*:* Configuration 5 :cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:* OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:* OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions BACK
samba cifs-utils *
debian debian linux 9.0
debian debian linux 10.0
debian debian linux 11.0
suse linux enterprise server 11 sp4
suse openstack cloud 8.0
suse linux enterprise server 15
suse linux enterprise software development kit 12 sp5
suse openstack cloud crowbar 8.0
suse openstack cloud crowbar 9.0
suse openstack cloud 9.0
suse linux enterprise server 12 sp3
suse linux enterprise server 12 sp3
suse linux enterprise server 11 sp3
suse manager server 4.1
suse linux enterprise server 12 sp5
suse linux enterprise desktop 15 sp3
suse linux enterprise server 15 sp3
suse linux enterprise server 15 sp4
suse linux enterprise desktop 15 sp4
suse enterprise storage 7.0
suse caas platform 4.0
suse enterprise storage 6.0
suse manager proxy 4.1
suse linux enterprise server 15 -
suse linux enterprise server 15 -
suse linux enterprise server 15 sp1
suse linux enterprise server 15 sp2
suse linux enterprise high performance computing 12.0 sp5
suse linux enterprise high performance computing 15.0 -
suse linux enterprise high performance computing 15.0 sp1
suse linux enterprise high performance computing 15.0 sp1
suse linux enterprise high performance computing 15.0 sp2
suse linux enterprise high performance computing 15.0 sp2
suse linux enterprise high performance computing 15.0 sp3
suse linux enterprise high performance computing 15.0 sp4
suse linux enterprise server 12 sp4
suse linux enterprise server 12 sp4
suse linux enterprise server 12 sp3
suse linux enterprise real time 15.0 sp2
suse linux enterprise point of service 11.0 sp3
suse linux enterprise micro 5.2
suse linux enterprise micro 5.2
suse linux enterprise server 12 sp2
suse linux enterprise server 12 sp3
suse linux enterprise server 15 sp1
suse linux enterprise server 15 sp2
suse linux enterprise server 12 sp4
suse manager retail branch server 4.2
suse manager retail branch server 4.1
suse manager retail branch server 4.3
suse manager server 4.2
suse manager server 4.3
suse manager proxy 4.2
suse manager proxy 4.3
suse linux enterprise storage 7.1
hp helion openstack 8.0
fedoraproject fedora 34
fedoraproject fedora 35
fedoraproject fedora 36