CVE-2022-46174

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-46174

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-46174.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-46174

Aliases

GHSA-4fv8-w65m-3932

Related

Published

2022-12-28T07:15:08Z

Modified

2025-01-08T14:30:24.268624Z

Severity

4.2 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L CVSS Calculator

Summary

[none]

Details

efs-utils is a set of Utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior to applying the TLS tunnel. In affected versions, concurrent mount operations can allocate the same local port, leading to either failed mount operations or an inappropriate mapping from an EFS customer’s local mount points to that customer’s EFS file systems. This issue is patched in version v1.34.4. There is no recommended work around. We recommend affected users update the installed version of efs-utils to v1.34.4 or later.

References

Affected packages

Git / github.com/aws/efs-utils

Affected ranges

Type: GIT
Repo: https://github.com/aws/efs-utils
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

f3a8f88167d55caa2f78aeb72d4dc1987a9ed62d

Fixed

f3a8f88167d55caa2f78aeb72d4dc1987a9ed62d

Type: GIT
Repo: https://github.com/kubernetes-sigs/aws-efs-csi-driver
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d6fc5f55f5992b6272e991055356307906da624e

Affected versions

helm-chart-aws-efs-csi-driver-1.*

helm-chart-aws-efs-csi-driver-1.0.0

helm-chart-aws-efs-csi-driver-2.*

helm-chart-aws-efs-csi-driver-2.2.2

helm-chart-aws-efs-csi-driver-2.2.4

helm-chart-aws-efs-csi-driver-2.2.5

helm-chart-aws-efs-csi-driver-2.2.7

helm-chart-aws-efs-csi-driver-2.2.8

v0.*

v0.1.0

v0.1.0-rc0

v0.2.0

v0.2.0-rc0

v0.3.0

v0.3.0-rc0

v1.*

v1.0

v1.0.0

v1.10

v1.11

v1.12

v1.13

v1.14

v1.17

v1.18

v1.19

v1.2

v1.20

v1.21

v1.22

v1.23

v1.24

v1.25-1

v1.25-2

v1.25-3

v1.26.2

v1.26.3

v1.27.1

v1.28.1

v1.28.2

v1.29.1

v1.29.1-mac

v1.3

v1.30.1

v1.30.2

v1.31.1

v1.31.2

v1.31.3

v1.32.1

v1.32.2

v1.33.1

v1.33.2

v1.33.3

v1.33.4

v1.34.1

v1.34.2

v1.34.3

v1.4

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.4.7

v1.5

v1.6

v1.7