CVE-2022-27239

Name: CVE-2022-27239
Creator: NVD / NIST
Published: 2022-04-27T14:15:09.203+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.8/10EPSS 0.56%

Last modified Jun 17, 2026

CVE-2022-27239 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.. EPSS estimates a 0.56% chance of exploitation in the next 30 days.

Description

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

Metrics

CVSS 3.1

7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.56%

42.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-787

Affected Software

Vendor	Product	Versions	Update
Samba	Cifs-Utils	< 6.15	—
Debian	Debian Linux	9.0	—
Debian	Debian Linux	10.0	—
Debian	Debian Linux	11.0	—
Suse	Caas Platform	4.0	—
Suse	Enterprise Storage	6.0	—
Suse	Enterprise Storage	7.0	—
Suse	Linux Enterprise Point Of Service	11.0	Sp3
Suse	Linux Enterprise Storage	7.1	—
Suse	Manager Proxy	4.1	—
Suse	Manager Proxy	4.2	—
Suse	Manager Proxy	4.3	—
Suse	Manager Retail Branch Server	4.1	—
Suse	Manager Retail Branch Server	4.2	—
Suse	Manager Retail Branch Server	4.3	—
Suse	Manager Server	4.1	—
Suse	Manager Server	4.2	—
Suse	Manager Server	4.3	—
Suse	Openstack Cloud	8.0	—
Suse	Openstack Cloud	9.0	—
Suse	Openstack Cloud Crowbar	8.0	—
Suse	Openstack Cloud Crowbar	9.0	—
Suse	Linux Enterprise Desktop	15	Sp3
Suse	Linux Enterprise High Performance Computing	12.0	Sp5
Suse	Linux Enterprise High Performance Computing	15.0	—
Suse	Linux Enterprise Micro	5.2	—
Suse	Linux Enterprise Real Time	15.0	Sp2
Suse	Linux Enterprise Server	11	Sp3
Suse	Linux Enterprise Server	12	Sp2
Suse	Linux Enterprise Server	15	—
Suse	Linux Enterprise Software Development Kit	12	Sp5
Hp	Helion Openstack	8.0	—
Fedoraproject	Fedora	34	—
Fedoraproject	Fedora	35	—
Fedoraproject	Fedora	36	—

References

http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_SambaThird Party Advisory
https://bugzilla.samba.org/show_bug.cgi?id=15025Issue Tracking, Permissions Required, Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1197216Issue Tracking, Patch, Third Party Advisory
https://github.com/piastry/cifs-utils/pull/7Issue Tracking, Patch, Third Party Advisory
https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765Patch, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/05/msg00020.htmlMailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/
https://security.gentoo.org/glsa/202311-05
https://www.debian.org/security/2022/dsa-5157Third Party Advisory
http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_SambaThird Party Advisory
https://bugzilla.samba.org/show_bug.cgi?id=15025Issue Tracking, Permissions Required, Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1197216Issue Tracking, Patch, Third Party Advisory
https://github.com/piastry/cifs-utils/pull/7Issue Tracking, Patch, Third Party Advisory
https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765Patch, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/05/msg00020.htmlMailing List, Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXKZLJYJJEC3TIBFLXUORRMZUKG5W676/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIYZ4L6SLSYJQ446VJAO2VGAESURQNSP/
https://security.gentoo.org/glsa/202311-05
https://www.debian.org/security/2022/dsa-5157Third Party Advisory

Timeline

Published: Apr 27, 2022
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2022-27239?

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

How severe is CVE-2022-27239?

CVE-2022-27239 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.56% probability of exploitation in the next 30 days.

How do I fix CVE-2022-27239?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-27239?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST