FEDORA-2022-eb2d3ca94d
Packages in this update:
cifs-utils-6.15-1.fc36
Update description:
This is a security release to address the following bugs:
CVE-2022-27239: mount.cifs: fix length check for ip option parsing
CVE-2022-29869: mount.cifs: fix verbose messages on option parsing
Description
CVE-2022-27239:
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
CVE-2022-29869:
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is
not a valid credentials file.
Both issues were originally reported and fixed by Jeffrey Bencteux.
More Stories
USN-7022-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
chromium-129.0.6668.58-1.fc39
FEDORA-2024-3d29b1647b Packages in this update: chromium-129.0.6668.58-1.fc39 Update description: update to 129.0.6668.58 * High CVE-2024-8904: Type Confusion in V8 * Medium...
chromium-129.0.6668.58-1.el9
FEDORA-EPEL-2024-034e4b1091 Packages in this update: chromium-129.0.6668.58-1.el9 Update description: update to 129.0.6668.58 * High CVE-2024-8904: Type Confusion in V8 * Medium...
chromium-129.0.6668.58-1.fc40
FEDORA-2024-d273b23c67 Packages in this update: chromium-129.0.6668.58-1.fc40 Update description: update to 129.0.6668.58 * High CVE-2024-8904: Type Confusion in V8 * Medium...
USN-7021-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
USN-7020-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...