.
My Cloud OS 5 Firmware 5.22.113
WDC Tracking Number: WDC-22008
Published: May 18, 2022
Last Updated: May 18, 2022
Description
My Cloud OS 5 Firmware 5.22.113 includes updates to help improve the security of your My Cloud OS 5 devices.
To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.
Product Impact
Minimum Fix Version
Last Updated
My Cloud PR2100
5.22.113
May 18, 2022
My Cloud PR4100
5.22.113
May 18, 2022
My Cloud EX4100
5.22.113
May 18, 2022
My Cloud EX2 Ultra
5.22.113
May 18, 2022
My Cloud Mirror G2
5.22.113
May 18, 2022
My Cloud DL2100
5.22.113
May 18, 2022
My Cloud DL4100
5.22.113
May 18, 2022
My Cloud EX2100
5.22.113
May 18, 2022
My Cloud
5.22.113
May 18, 2022
WD Cloud
5.22.113
May 18, 2022
For more information on the latest security updates, see the release notes: https://os5releasenotes.mycloud.com/#/
Advisory Summary
A vulnerability in the Linux kernel’s cgroup_release_agent_write was addressed that could lead to escalation of privileges and bypass namespace isolation unexpectedly.
CVE Number: CVE-2022-0492
Addressed an integer overflow vulnerability in the GNU Multiple Arithmetic Library that could lead to a buffer overflow via crafted input.
CVE Number: CVE-2021-43618
Addressed an issue in OpenSSL that would make it possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing takes place before the certificate signature verification process, this could lead to a denial-of-service attack.
CVE Number: CVE-2022-0778