cifs-utils (SUSE:Linux Enterprise High Performance Computing 15-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15-LTSS package cifs-utils, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2022-27239 — CVSS 7.8 (high): In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local…
CVE-2021-20208 — CVSS 6.1 (medium): A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use…
CVE-2020-14342 — CVSS 4.4 (medium): It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary…