CVE-2022-27239
Published Apr 27, 2022
Last updated a year ago
Overview
- Description
- In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-787
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:cifs-utils:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A994C1D7-9394-43A0-976B-246980F5E77E",
"versionEndExcluding": "6.15"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:caas_platform:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AB27A2D-549C-450E-A09E-B3316895F052"
},
{
"criteria": "cpe:2.3:a:suse:enterprise_storage:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B20D44D-F87E-4692-8E04-695683F1ECE6"
},
{
"criteria": "cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7305944-AC9C-47A3-AADF-71A8B24830D1"
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_point_of_service:11.0:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "694479D9-16C8-4B60-A4D3-975D9E0A7F53"
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_storage:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B264EB20-49EA-4819-A92B-0748AEFFAC68"
},
{
"criteria": "cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9910C73A-3BCD-4F56-8C7D-79CB289640A2"
},
{
"criteria": "cpe:2.3:a:suse:manager_proxy:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0156BFA-9E83-43E6-9C73-9711AD054B5A"
},
{
"criteria": "cpe:2.3:a:suse:manager_proxy:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAC2D0A4-56F8-4ED6-91E2-78434A016C5F"
},
{
"criteria": "cpe:2.3:a:suse:manager_retail_branch_server:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "450A3B3F-F26D-4EAB-BF5D-4C906C4A99DD"
},
{
"criteria": "cpe:2.3:a:suse:manager_retail_branch_server:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD5BDD59-5008-4DDC-B805-BB6B7DE8E1A6"
},
{
"criteria": "cpe:2.3:a:suse:manager_retail_branch_server:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A69D3CCD-6590-46EF-9D3F-E903AB78E3BA"
},
{
"criteria": "cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5810E98-7BF5-42E2-9DE9-661049ABE367"
},
{
"criteria": "cpe:2.3:a:suse:manager_server:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E46DEFD-659D-4D8F-BCD8-6B8A022F8FB0"
},
{
"criteria": "cpe:2.3:a:suse:manager_server:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1532304-0EA2-4816-B481-C87C7386DC88"
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C3BEB21-4080-4258-B95C-562D717AED0B"
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83F8A7D8-FD3E-4C36-AB2A-A61449BF38C5"
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud_crowbar:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1675CBE5-44D3-4326-AE8B-EEB9E25D783A"
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B631400C-0A5A-45A3-9DFA-B419E83D324E"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:15:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACB76FF0-B939-42E9-842B-171E929F317D"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:15:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F648F64B-C3F2-4B14-906D-E48345303F0E"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:12.0:sp5:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8C8AD43-557D-4285-BA46-9C5785F53229"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:-:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CFA8943-A151-4E16-962D-75F1CB0C3C41"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:espos:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89C89474-3F7A-499E-8E7C-25952584A68C"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp1:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA2E84A0-A9ED-411B-9963-647D8A95D3D5"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:espos:*:*:*",
"vulnerable": true,
"matchCriteriaId": "455B5F70-FDA0-4AE3-9C62-F0BC8E6C3D85"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0E17861-F7C2-479B-B687-42419ADED014"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp3:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75A0B727-33A9-416B-9E83-5103ABE856B4"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp4:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0E679A3-3EAC-4603-BD89-E04EE26845B2"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "EACDFD9B-C423-4FD1-B9AA-0D6D7D93CB36"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_micro:5.2:*:*:*:*:rancher:*:*",
"vulnerable": true,
"matchCriteriaId": "825D86FE-87DA-4389-8097-D7CF34718CB2"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B0AC584-5E26-4ACE-BC19-9E69A302F238"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"vulnerable": true,
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B84C8D3-0B59-40DC-881D-D016A422E8CC"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:business_critical_linux:-:*:*",
"vulnerable": true,
"matchCriteriaId": "93A9AC01-6C1F-4025-BD7C-E02C4E3D0CD0"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:*:sap:*:*",
"vulnerable": true,
"matchCriteriaId": "16729D9C-DC05-41BD-9B32-682983190CE0"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:business_critical_linux:-:*:*",
"vulnerable": true,
"matchCriteriaId": "EA9DC756-8E39-4AB6-B9D4-2A4100FF8D04"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:espos:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77F1991E-E0D6-4BDE-BDF0-D34D6E67AAD4"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp3:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6622CD4-DF4B-4064-BAEB-5E382C4B05C8"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:-:sap:*:*",
"vulnerable": true,
"matchCriteriaId": "E279968E-C62B-4888-899A-2BF57E8F8692"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:espos:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65709414-EAE0-4EA7-9C5F-EBDA80FF2A9D"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp4:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E05EE7E-993C-4107-9A15-EBE0D2268239"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:*",
"vulnerable": true,
"matchCriteriaId": "471E110C-10CC-4C36-BDE1-BBB27EF5C6EA"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*",
"vulnerable": true,
"matchCriteriaId": "C665A768-DBDA-4197-9159-A2791E98A84F"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:espos:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88FFABAC-A728-4172-9A1E-2B84E82219D4"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:-:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1065E14-69B3-4643-ACF7-3C14BF07C783"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:business_critical_linux:-:*:*",
"vulnerable": true,
"matchCriteriaId": "26FDBC27-D993-4A93-BC70-753FA21F4C11"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55A521F2-51C3-4356-A8D6-BD5A1BD60C85"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:business_critical_linux:-:*:*",
"vulnerable": true,
"matchCriteriaId": "A256B5D1-49D2-4363-AAD6-30FD32F0D132"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:ltss:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E1420DB-3DF2-4A95-B703-913D67727295"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C2EACE6-C127-4B13-8002-8EEBEE8D549B"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72FDB554-E771-42DA-8B9E-DB5CB545A660"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C734CEC-64F2-4129-B52E-C81884B3AC9A"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:helion_openstack:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "541BB602-443D-4D8E-A46F-5EC4A9702E17"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
}
],
"operator": "OR"
}
]
}
]