OESA-2022-1626
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1626
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1626.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2022-1626
- Upstream
- Published
- 2022-05-11T11:03:43Z
- Modified
- 2025-08-12T05:13:18.454791Z
- Summary
- cifs-utils security update
- Details
-
The in-kernel CIFS filesystem is generally the preferred method for mounting SMB/CIFS shares on Linux. The in-kernel CIFS filesystem relies on a set of user-space tools. That package of tools is called cifs-utils.Although not really part of Samba proper, these tools were originally part of the Samba package. For several reasons, shipping these tools as part of Samba was problematic and it was deemed better to split them off into their own package.
Security Fix(es):
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.(CVE-2022-29869)
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.(CVE-2022-27239)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:20.03-LTS-SP1 / cifs-utils
Package
- Name
- cifs-utils
- Purl
- pkg:rpm/openEuler/cifs-utils&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.10-5.oe1
Ecosystem specific
{
"src": [
"cifs-utils-6.10-5.oe1.src.rpm"
],
"x86_64": [
"cifs-utils-6.10-5.oe1.x86_64.rpm",
"cifs-utils-debuginfo-6.10-5.oe1.x86_64.rpm",
"cifs-utils-debugsource-6.10-5.oe1.x86_64.rpm",
"cifs-utils-devel-6.10-5.oe1.x86_64.rpm",
"cifs-utils-help-6.10-5.oe1.x86_64.rpm"
],
"aarch64": [
"cifs-utils-6.10-5.oe1.aarch64.rpm",
"cifs-utils-debuginfo-6.10-5.oe1.aarch64.rpm",
"cifs-utils-debugsource-6.10-5.oe1.aarch64.rpm",
"cifs-utils-devel-6.10-5.oe1.aarch64.rpm",
"cifs-utils-help-6.10-5.oe1.aarch64.rpm"
]
}
openEuler:20.03-LTS-SP3 / cifs-utils
Package
- Name
- cifs-utils
- Purl
- pkg:rpm/openEuler/cifs-utils&distro=openEuler-20.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.10-5.oe1
Ecosystem specific
{
"src": [
"cifs-utils-6.10-5.oe1.src.rpm"
],
"x86_64": [
"cifs-utils-6.10-5.oe1.x86_64.rpm",
"cifs-utils-debuginfo-6.10-5.oe1.x86_64.rpm",
"cifs-utils-debugsource-6.10-5.oe1.x86_64.rpm",
"cifs-utils-devel-6.10-5.oe1.x86_64.rpm",
"cifs-utils-help-6.10-5.oe1.x86_64.rpm"
],
"aarch64": [
"cifs-utils-6.10-5.oe1.aarch64.rpm",
"cifs-utils-debuginfo-6.10-5.oe1.aarch64.rpm",
"cifs-utils-debugsource-6.10-5.oe1.aarch64.rpm",
"cifs-utils-devel-6.10-5.oe1.aarch64.rpm",
"cifs-utils-help-6.10-5.oe1.aarch64.rpm"
]
}
openEuler:22.03-LTS / cifs-utils
Package
- Name
- cifs-utils
- Purl
- pkg:rpm/openEuler/cifs-utils&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.14-3.oe2203
Ecosystem specific
{
"src": [
"cifs-utils-6.14-3.oe2203.src.rpm"
],
"x86_64": [
"cifs-utils-6.14-3.oe2203.x86_64.rpm",
"cifs-utils-debuginfo-6.14-3.oe2203.x86_64.rpm",
"cifs-utils-debugsource-6.14-3.oe2203.x86_64.rpm",
"cifs-utils-devel-6.14-3.oe2203.x86_64.rpm",
"cifs-utils-help-6.14-3.oe2203.x86_64.rpm"
],
"aarch64": [
"cifs-utils-6.14-3.oe2203.aarch64.rpm",
"cifs-utils-debuginfo-6.14-3.oe2203.aarch64.rpm",
"cifs-utils-debugsource-6.14-3.oe2203.aarch64.rpm",
"cifs-utils-devel-6.14-3.oe2203.aarch64.rpm",
"cifs-utils-help-6.14-3.oe2203.aarch64.rpm"
]
}