Amazon Linux 1 Security Advisory: ALAS-2023-1698
Advisory Release Date: 2023-03-02 20:22 Pacific
Advisory Updated Date: 2023-03-07 01:56 Pacific
A stack-based buffer overflow issue was found in pifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges. (CVE-2022-27239)
Affected Packages:
cifs-utils
Issue Correction:
Run yum update cifs-utils to update your system.
i686:
cifs-utils-debuginfo-6.2-7.7.amzn1.i686
cifs-utils-devel-6.2-7.7.amzn1.i686
cifs-utils-6.2-7.7.amzn1.i686
src:
cifs-utils-6.2-7.7.amzn1.src
x86_64:
cifs-utils-6.2-7.7.amzn1.x86_64
cifs-utils-debuginfo-6.2-7.7.amzn1.x86_64
cifs-utils-devel-6.2-7.7.amzn1.x86_64