Vulnerability CVE-2022-29869: Information
Description
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.
Severity: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| cifs-utils | sisyphus | 6.15-alt1 | 7.0-alt1 | ALT-PU-2022-2522-1 | 306005 | Fixed |
| cifs-utils | sisyphus_e2k | 6.15-alt1 | 7.0-alt1 | ALT-PU-2022-5942-1 | - | Fixed |
| cifs-utils | sisyphus_riscv64 | 6.15-alt1 | 7.0-alt1 | ALT-PU-2022-5891-1 | - | Fixed |
| cifs-utils | p10 | 6.15-alt1 | 6.15-alt1 | ALT-PU-2022-2576-1 | 306006 | Fixed |
| cifs-utils | p10_e2k | 6.15-alt1 | 6.15-alt1 | ALT-PU-2022-6096-1 | - | Fixed |
| cifs-utils | c10f1 | 6.15-alt1 | 6.15-alt1 | ALT-PU-2022-2576-1 | 306006 | Fixed |
| cifs-utils | c9f2 | 6.15-alt1 | 6.15-alt1 | ALT-PU-2022-2563-1 | 306007 | Fixed |
| cifs-utils | p11 | 6.15-alt1 | 7.0-alt1 | ALT-PU-2022-2522-1 | 306005 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
|---|---|
| https://github.com/piastry/cifs-utils/pull/7 |
|
| https://github.com/piastry/cifs-utils/commit/8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 |
|
| [debian-lts-announce] 20220516 [SECURITY] [DLA 3009-1] cifs-utils security update |
|
| DSA-5157 |
|
| FEDORA-2022-eb2d3ca94d | |
| FEDORA-2022-7fda04ab5a | |
| FEDORA-2022-34de4f833d | |
| GLSA-202311-05 |