Search CVE reports

Toggle filters

1 – 10 of 10 results

CVE-2025-2312

Medium priority

Some fixes available 5 of 137

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead...

142 affected packages

cifs-utils, linux, linux-allwinner, linux-allwinner-5.19, linux-aws...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
linux Vulnerable Vulnerable Vulnerable Ignored Ignored
linux-allwinner Not in release Not in release Not in release Not in release Not in release
linux-allwinner-5.19 Not in release Ignored Not in release Not in release Not in release
linux-aws Vulnerable Vulnerable Vulnerable Ignored Ignored
linux-aws-5.0 Not in release Not in release Not in release Ignored Not in release
linux-aws-5.11 Not in release Not in release Ignored Not in release Not in release
linux-aws-5.13 Not in release Not in release Ignored Not in release Not in release
linux-aws-5.15 Not in release Not in release Vulnerable Not in release Not in release
linux-aws-5.19 Not in release Ignored Not in release Not in release Not in release
linux-aws-5.3 Not in release Not in release Not in release Ignored Not in release
linux-aws-5.4 Not in release Not in release Not in release Ignored Not in release
linux-aws-5.8 Not in release Not in release Ignored Not in release Not in release
linux-aws-6.2 Not in release Ignored Not in release Not in release Not in release
linux-aws-6.5 Not in release Ignored Not in release Not in release Not in release
linux-aws-6.8 Not in release Vulnerable Not in release Not in release Not in release
linux-aws-fips Not in release Vulnerable Vulnerable Vulnerable Not in release
linux-aws-hwe Not in release Not in release Not in release Not in release Ignored
linux-azure Fixed Fixed Vulnerable Ignored Ignored
linux-azure-4.15 Not in release Not in release Not in release Ignored Not in release
linux-azure-5.11 Ignored Not in release Not in release
linux-azure-5.13 Not in release Not in release Ignored Not in release Not in release
linux-azure-5.15 Not in release Not in release Fixed Not in release Not in release
linux-azure-5.19 Not in release Ignored Not in release Not in release Not in release
linux-azure-5.3 Not in release Not in release Not in release Ignored Not in release
linux-azure-5.4 Not in release Not in release Not in release Ignored Not in release
linux-azure-5.8 Not in release Not in release Ignored Not in release Not in release
linux-azure-6.11 Vulnerable Not in release Not in release Not in release Not in release
linux-azure-6.2 Not in release Ignored Not in release Not in release Not in release
linux-azure-6.5 Not in release Ignored Not in release Not in release Not in release
linux-azure-6.8 Not in release Fixed Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Ignored Not in release
linux-azure-fde Not in release Needs evaluation Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Needs evaluation Not in release Not in release
linux-azure-fde-5.19 Not in release Ignored Not in release Not in release Not in release
linux-azure-fde-6.2 Not in release Ignored Not in release Not in release Not in release
linux-azure-fips Not in release Fixed Vulnerable Vulnerable Not in release
linux-azure-nvidia Vulnerable Not in release Not in release Not in release Not in release
linux-bluefield Not in release Not in release Vulnerable Not in release Not in release
linux-dell300x Not in release Not in release Not in release Ignored Not in release
linux-fips Not in release Vulnerable Vulnerable Vulnerable Vulnerable
linux-gcp Vulnerable Vulnerable Vulnerable Ignored Ignored
linux-gcp-4.15 Not in release Not in release Not in release Ignored Not in release
linux-gcp-5.11 Not in release Not in release Ignored Not in release Not in release
linux-gcp-5.13 Not in release Not in release Ignored Not in release Not in release
linux-gcp-5.15 Not in release Not in release Vulnerable Not in release Not in release
linux-gcp-5.19 Not in release Ignored Not in release Not in release Not in release
linux-gcp-5.3 Not in release Not in release Not in release Ignored Not in release
linux-gcp-5.4 Not in release Not in release Not in release Ignored Not in release
linux-gcp-5.8 Not in release Not in release Ignored Not in release Not in release
linux-gcp-6.2 Not in release Ignored Not in release Not in release Not in release
linux-gcp-6.5 Not in release Ignored Not in release Not in release Not in release
linux-gcp-6.8 Not in release Vulnerable Not in release Not in release Not in release
linux-gcp-fips Not in release Vulnerable Vulnerable Vulnerable Not in release
linux-gke Vulnerable Vulnerable Ignored Not in release Ignored
linux-gke-4.15 Not in release Not in release Not in release Ignored Not in release
linux-gke-5.0 Not in release Not in release Not in release Ignored Not in release
linux-gke-5.15 Not in release Not in release Ignored Not in release Not in release
linux-gke-5.3 Not in release Not in release Not in release Ignored Not in release
linux-gke-5.4 Not in release Not in release Not in release Ignored Not in release
linux-gkeop Vulnerable Vulnerable Ignored Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Ignored Not in release Not in release
linux-gkeop-5.4 Not in release Not in release Not in release Ignored Not in release
linux-hwe Not in release Not in release Not in release Ignored Ignored
linux-hwe-5.11 Not in release Not in release Ignored Not in release Not in release
linux-hwe-5.13 Not in release Not in release Ignored Not in release Not in release
linux-hwe-5.15 Not in release Not in release Vulnerable Not in release Not in release
linux-hwe-5.19 Not in release Ignored Not in release Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Ignored Not in release
linux-hwe-5.8 Not in release Not in release Ignored Not in release Not in release
linux-hwe-6.11 Vulnerable Not in release Not in release Not in release Not in release
linux-hwe-6.2 Not in release Ignored Not in release Not in release Not in release
linux-hwe-6.5 Not in release Ignored Not in release Not in release Not in release
linux-hwe-6.8 Not in release Vulnerable Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Ignored Ignored
linux-ibm Vulnerable Vulnerable Vulnerable Not in release Not in release
linux-ibm-5.15 Not in release Not in release Vulnerable Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Ignored Not in release
linux-intel Vulnerable Not in release Not in release Not in release Not in release
linux-intel-5.13 Not in release Not in release Ignored Not in release Not in release
linux-intel-iot-realtime Not in release Vulnerable Not in release Not in release Not in release
linux-intel-iotg Not in release Vulnerable Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Vulnerable Not in release Not in release
linux-iot Not in release Not in release Vulnerable Not in release Not in release
linux-kvm Not in release Vulnerable Vulnerable Ignored Ignored
linux-laptop Not in release Not in release Not in release Not in release Not in release
linux-lowlatency Vulnerable Vulnerable Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Vulnerable Not in release Not in release
linux-lowlatency-hwe-5.19 Not in release Ignored Not in release Not in release Not in release
linux-lowlatency-hwe-6.11 Vulnerable Not in release Not in release Not in release Not in release
linux-lowlatency-hwe-6.2 Not in release Ignored Not in release Not in release Not in release
linux-lowlatency-hwe-6.5 Not in release Ignored Not in release Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Vulnerable Not in release Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-nvidia Vulnerable Vulnerable Not in release Not in release Not in release
linux-nvidia-6.2 Not in release Ignored Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Ignored Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Vulnerable Not in release Not in release Not in release
linux-nvidia-lowlatency Vulnerable Not in release Not in release Not in release Not in release
linux-nvidia-tegra Vulnerable Vulnerable Not in release Not in release Not in release
linux-nvidia-tegra-igx Not in release Vulnerable Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Ignored Ignored
linux-oem-5.10 Not in release Not in release Ignored Not in release Not in release
linux-oem-5.13 Not in release Not in release Ignored Not in release Not in release
linux-oem-5.14 Not in release Not in release Ignored Not in release Not in release
linux-oem-5.17 Not in release Ignored Not in release Not in release Not in release
linux-oem-5.6 Not in release Not in release Ignored Not in release Not in release
linux-oem-6.0 Not in release Ignored Not in release Not in release Not in release
linux-oem-6.1 Not in release Ignored Not in release Not in release Not in release
linux-oem-6.11 Vulnerable Not in release Not in release Not in release Not in release
linux-oem-6.5 Not in release Ignored Not in release Not in release Not in release
linux-oem-6.8 Vulnerable Not in release Not in release Not in release Not in release
linux-oem-osp1 Not in release Not in release Not in release Ignored Not in release
linux-oracle Vulnerable Vulnerable Vulnerable Ignored Ignored
linux-oracle-5.0 Not in release Not in release Not in release Ignored Not in release
linux-oracle-5.11 Not in release Not in release Ignored Not in release Not in release
linux-oracle-5.13 Not in release Not in release Ignored Not in release Not in release
linux-oracle-5.15 Not in release Not in release Vulnerable Not in release Not in release
linux-oracle-5.3 Not in release Not in release Not in release Ignored Not in release
linux-oracle-5.4 Not in release Not in release Not in release Ignored Not in release
linux-oracle-5.8 Not in release Not in release Ignored Not in release Not in release
linux-oracle-6.5 Not in release Ignored Not in release Not in release Not in release
linux-oracle-6.8 Not in release Vulnerable Not in release Not in release Not in release
linux-raspi Vulnerable Vulnerable Vulnerable Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Ignored Not in release
linux-raspi-realtime Vulnerable Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Ignored Ignored Ignored
linux-raspi2-5.3 Not in release Not in release Not in release Ignored Not in release
linux-realtime Vulnerable Vulnerable Not in release Not in release Not in release
linux-riscv Vulnerable Ignored Ignored Not in release Not in release
linux-riscv-5.11 Not in release Not in release Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Vulnerable Not in release Not in release
linux-riscv-5.19 Not in release Ignored Not in release Not in release Not in release
linux-riscv-5.8 Not in release Not in release Ignored Not in release Not in release
linux-riscv-6.5 Not in release Ignored Not in release Not in release Not in release
linux-riscv-6.8 Not in release Vulnerable Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Ignored Ignored
linux-starfive Not in release Not in release Not in release Not in release Not in release
linux-starfive-5.19 Not in release Ignored Not in release Not in release Not in release
linux-starfive-6.2 Not in release Ignored Not in release Not in release Not in release
linux-starfive-6.5 Not in release Ignored Not in release Not in release Not in release
linux-xilinx-zynqmp Not in release Vulnerable Vulnerable Not in release Not in release
Show all 142 packages Show less packages

CVE-2022-29869

Medium priority

Some fixes available 4 of 6

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

1 affected package

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2022-27239

Medium priority

Some fixes available 4 of 6

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

1 affected package

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2021-20208

Low priority

Some fixes available 2 of 6

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data...

1 affected package

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected Not affected Fixed Fixed Vulnerable
Show less packages

CVE-2020-14342

Low priority

Some fixes available 11 of 13

It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo...

1 affected package

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2014-2830

Medium priority
Ignored

Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.

1 affected package

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected
Show less packages

CVE-2012-1586

Low priority
Ignored

mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.

1 affected package

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected Not affected Not affected
Show less packages

CVE-2011-3585

Medium priority
Fixed

Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.

2 affected packages

cifs-utils, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils
samba
Show less packages

CVE-2011-2724

Medium priority

Some fixes available 3 of 5

The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local...

2 affected packages

cifs-utils, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils
samba
Show less packages

CVE-2011-1678

Medium priority

Some fixes available 4 of 6

smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows...

2 affected packages

cifs-utils, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils
samba
Show less packages