28 matches found
Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7585-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7585-3 advisory. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls...
Amazon Linux 2023 : cifs-utils, cifs-utils-devel, cifs-utils-info (ALAS2023-2026-1597)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1597 advisory. A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. Thi...
USN-7653-1 linux-hwe-6.8 vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7585-7 linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7628-1 linux-azure, linux-azure-6.11 vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7605-2 linux-lowlatency, linux-lowlatency-hwe-6.11 vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7605-1 linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7602-1 linux-xilinx-zynqmp vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...
USN-7585-3 linux-azure-fips, linux-fips vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
Mageia: Security Advisory (MGASA-2025-0176)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2025-0176 Updated cifs-utils packages fix security vulnerability
cifs.upcall makes an upcall to the wrong namespace in containerized environments. CVE-2025-2312...
SUSE: Security Advisory (SUSE-SU-2025:1381-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7536-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:1381-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cifs-utils (SUSE-SU-2025:1381-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1381-1 advisory. - CVE-2025-2312: Fixed cifs.upcall making an upcall to the wrong namespace in containerized environments...
Security update for cifs-utils
This update for cifs-utils fixes the following issues: CVE-2025-2312: Fixed cifs.upcall making an upcall to the wrong namespace in containerized environments while trying to get Kerberos credentials bsc1239680 Patch Instructions: To install this SUSE update use the SUSE recommended installation...
SUSE-SU-2025:1381-1 Security update for cifs-utils
This update for cifs-utils fixes the following issues: - CVE-2025-2312: Fixed cifs.upcall making an upcall to the wrong namespace in containerized environments while trying to get Kerberos credentials bsc1239680...
Azure Linux 3.0 Security Update: cifs-utils (CVE-2025-2312)
The version of cifs-utils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2312 advisory. - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from...
CVE-2025-2312 affecting package cifs-utils for versions less than 7.3-1
CVE-2025-2312 affecting package cifs-utils for versions less than 7.3-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: cifs-utils (CVE-2025-2312)
The version of cifs-utils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2312 advisory. - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from...