Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-5459-1

Ubuntu Security Notice 5459-1 - Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that cifs-utils incorrectly used host credentials when mounting a krb5 CIFS file system from within a container. An attacker inside a container could possibly use this issue to obtain access to sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

Packet Storm
#vulnerability#ubuntu

==========================================================================
Ubuntu Security Notice USN-5459-1
June 02, 2022

cifs-utils vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 22.04 LTS
  • Ubuntu 21.10
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in cifs-utils.

Software Description:

  • cifs-utils: Common Internet File System utilities

Details:

Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a
password. In certain environments, a local attacker could possibly use this
issue to escalate privileges. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-14342)

It was discovered that cifs-utils incorrectly used host credentials when
mounting a krb5 CIFS file system from within a container. An attacker
inside a container could possibly use this issue to obtain access to
sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu
20.04 LTS. (CVE-2021-20208)

It was discovered that cifs-utils incorrectly handled certain command-line
arguments. A local attacker could possibly use this issue to obtain root
privileges. (CVE-2022-27239)

It was discovered that cifs-utils incorrectly handled verbose logging. A
local attacker could possibly use this issue to obtain sensitive
information. (CVE-2022-29869)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
cifs-utils 2:6.14-1ubuntu0.1

Ubuntu 21.10:
cifs-utils 2:6.11-3.1ubuntu0.1

Ubuntu 20.04 LTS:
cifs-utils 2:6.9-1ubuntu0.2

Ubuntu 18.04 LTS:
cifs-utils 2:6.8-1ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5459-1
CVE-2020-14342, CVE-2021-20208, CVE-2022-27239, CVE-2022-29869

Package Information:
https://launchpad.net/ubuntu/+source/cifs-utils/2:6.14-1ubuntu0.1
https://launchpad.net/ubuntu/+source/cifs-utils/2:6.11-3.1ubuntu0.1
https://launchpad.net/ubuntu/+source/cifs-utils/2:6.9-1ubuntu0.2
https://launchpad.net/ubuntu/+source/cifs-utils/2:6.8-1ubuntu1.2

Related news

Gentoo Linux Security Advisory 202311-05

Gentoo Linux Security Advisory 202311-5 - Multiple vulnerabilities have been discovered in LinuxCIFS utils, the worst of which can lead to local root privilege escalation. Versions greater than or equal to 6.15 are affected.

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

CVE-2022-29869: mount.cifs: two bug fixes by ddiss · Pull Request #7 · piastry/cifs-utils

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

CVE-2022-27239: Linux CIFS Utils and Samba - Free Knowledge Base

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2021-20208: Invalid Bug ID

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.

CVE-2020-14342: cifs-utils release 6.11 ready for download

It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this flaw to escalate their privileges.

Packet Storm: Latest News

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download