Bug 2081221 (CVE-2022-29869)
| Summary: | CVE-2022-29869 cifs-utils: crafted input may cause an information leak | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | abokovoy, jlayton, lsahlber, luk.claes, ronniesahlberg, sprabhu, ssorce |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A flaw was found in cifs-utils. When verbose logging is enabled, invalid credentials file lines may be dumped to stderr. This may lead to information disclosure in particular conditions when the credentials file given is sensitive and contains '=' signs.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-09-28 14:03:49 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2082334, 2082335 | ||
| Bug Blocks: | 2081222 | ||
|
Description
Marian Rehak
2022-05-03 06:21:27 UTC
|