ELA-614-1 cifs-utils security update

Debian 9924 Published by

A cifs-utils security update has been released for Debian GNU/Linux 8 Extended LTS to address a couple of vulnerabilities.



ELA-614-1 cifs-utils security update

Package cifs-utils
Version 2:6.4-1+deb8u1
Related CVEs CVE-2022-27239 CVE-2022-29869

A couple of vulnerabilities were found in src:cifs-utils, a Common Internet File System utilities, and are as follows:

CVE-2022-27239

In cifs-utils, a stack-based buffer overflow when parsing the
mount.cifs ip= command-line argument could lead to local attackers
gaining root privileges.

CVE-2022-29869

cifs-utils, with verbose logging, can cause an information leak
when a file contains = (equal sign) characters but is not a valid
credentials file.
For Debian 8 jessie, these problems have been fixed in version 2:6.4-1+deb8u1.

We recommend that you upgrade your cifs-utils packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-614-1 cifs-utils security update

USN-5422-1: libxml2 vulnerabilities

RHSA-2022:2253-01: Important: pcs security update

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...