Lucene search
K

3201 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

RHEL 10 : cifs-utils (RHSA-2026:32990)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:32990 advisory. The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. The cifs-utils packages contain tools for...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/29 11:15 p.m.5 views

cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS6AI score0.0012EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 11:15 p.m.5 views

Important: Red Hat Security Advisory: cifs-utils security update

An update for cifs-utils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.8CVSS5.6AI score0.0012EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/29 7:54 p.m.8 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS6.6AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/06/29 7:33 p.m.4 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS6.6AI score0.00353EPSS
Exploits4References7
Rockylinux
Rockylinux
added 2026/06/25 12:0 p.m.6 views

cifs-utils bug fix and enhancement update

An update is available for cifs-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8...

7.8CVSS7AI score0.00562EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a memory leak in cifsconstructtcon When using a multiuser mount with domain= specified and cifscreds, cifssetcifscreds will set @ctx-domainname, so it needs to be freed before leaving cifsconstructtcon. This...

5.9AI score0.00173EPSS
Exploits0References2
Amazon
Amazon
added 2026/06/22 12:0 a.m.5 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle attrsetsize errors when truncating files CVE-2025-71289 In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl...

9.3CVSS6.3AI score0.00339EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon...

7.8CVSS5.7AI score0.00353EPSS
Exploits4
Amazon
Amazon
added 2026/06/22 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon...

7.8CVSS5.7AI score0.00353EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-12505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a...

7.8CVSS6AI score0.0012EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: fixed a small mempool leak in SMB2negotiate. In some cases of failures dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO. Instead, it should return rc = -EIO and then jump to negex...

5.5CVSS6.2AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: cifs: A connection leak occurs when the tlink setup fails. If the tlink setup fails and connections are lost, then the refcnt leak occurs due to the cifsd kthread not exiting. Additionally, fscache information is also leaked...

5.5CVSS6.2AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 4:16 a.m.5 views

DEBIAN-CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS6.1AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 4:16 a.m.18 views

CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS0.0012EPSS
Exploits0References5
OSV
OSV
added 2026/06/18 4:16 a.m.5 views

UBUNTU-CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS6.1AI score0.0012EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/18 3:34 a.m.9 views

CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS6AI score0.0012EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/18 3:34 a.m.7 views

CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS6.1AI score0.0012EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/18 3:34 a.m.12 views

CVE-2026-12505 Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/18 3:34 a.m.15 views

EUVD-2026-37834

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References3
Rows per page
Query Builder