Suse Enterprise Storage vulnerabilities

CVE-2022-27239 [HIGH] CWE-787 CVE-2022-27239: In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-li In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2021-4034 [HIGH] CWE-787 CVE-2021-4034: A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec applicat A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variabl