Information Leak in cifs-utils by Piastry
CVE-2022-29869

5.3MEDIUM

Key Information:

Vendor

Samba

Status
Cifs-utils
Vendor
CVE Published:
28 April 2022

What is CVE-2022-29869?

The cifs-utils application, prior to version 6.14, experiences a vulnerability that can lead to information leaks when verbose logging is enabled. This issue arises if a file contains equal sign characters but does not qualify as a valid credentials file, potentially exposing sensitive data unintentionally. It poses a risk for systems relying on this utility when handling certain file formats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/piastry/cifs-utils/pull/7
https://github.com/piastry/cifs-utils/commit/8acc963a2e7e...
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisory

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.