WDC Tracking Number: WDC-22008
Published: May 18, 2022
Last Updated: May 18, 2022
My Cloud OS 5 Firmware 5.22.113 includes updates to help improve the security of your My Cloud OS 5 devices.
For more information on the latest security updates, see the release notes: https://os5releasenotes.mycloud.com/#/
A vulnerability in the Linux kernel’s cgroup_release_agent_write was addressed that could lead to escalation of privileges and bypass namespace isolation unexpectedly.
CVE Number: CVE-2022-0492
Addressed an integer overflow vulnerability in the GNU Multiple Arithmetic Library that could lead to a buffer overflow via crafted input.
CVE Number: CVE-2021-43618
Addressed an issue in OpenSSL that would make it possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing takes place before the certificate signature verification process, this could lead to a denial-of-service attack.
CVE Number: CVE-2022-0778