Read Time:36 Second

FEDORA-2022-7fda04ab5a

Packages in this update:

cifs-utils-6.15-1.fc35

Update description:

This is a security release to address the following bugs:

CVE-2022-27239: mount.cifs: fix length check for ip option parsing
CVE-2022-29869: mount.cifs: fix verbose messages on option parsing

Description

CVE-2022-27239:

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2022-29869:

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is
not a valid credentials file.

Both issues were originally reported and fixed by Jeffrey Bencteux.

More Stories

pgbouncer-1.24.1-1.el9

FEDORA-EPEL-2025-be9d8a1131 Packages in this update: pgbouncer-1.24.1-1.el9 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

pgbouncer-1.24.1-2.el8

FEDORA-EPEL-2025-f59a1a28d0 Packages in this update: pgbouncer-1.24.1-2.el8 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

pgbouncer-1.24.1-2.fc40

FEDORA-2025-31397c2b6c Packages in this update: pgbouncer-1.24.1-2.fc40 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

pgbouncer-1.24.1-2.fc42

FEDORA-2025-25e04398c7 Packages in this update: pgbouncer-1.24.1-2.fc42 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

pgbouncer-1.24.1-2.el10_1

FEDORA-EPEL-2025-c1249be8e7 Packages in this update: pgbouncer-1.24.1-2.el10_1 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

pgbouncer-1.24.1-2.fc41

FEDORA-2025-d919f11f99 Packages in this update: pgbouncer-1.24.1-2.fc41 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More