425 matches found
RHEL 10 : cifs-utils (RHSA-2026:32990)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:32990 advisory. The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. The cifs-utils packages contain tools for...
CVE-2026-12505
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
CVE-2026-12505 Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
CVE-2026-12505 Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
EUVD-2026-37834
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
CVE-2026-12505
CVE-2026-12505 concerns the cifs-utils package. The issue: the root-owned cifs.upcall fails to securely drop root privileges before consulting user information, allowing a local, low-privilege attacker to craft a request_key payload that causes the process to enter a controlled environment with a...
Important Photon OS Security Update - PHSA-2025-5.0-0691
Updates of 'linux-esx', 'linux', 'cifs-utils' packages of Photon OS have been released...
EUVD-2014-2855
Malware in sbrugna...
EUVD-2020-6487
Malware in sbrugna...
EUVD-2025-15114
Malicious code in bioql PyPI...
EUVD-2021-7651
Malicious code in bioql PyPI...
EUVD-2022-31748
Malicious code in bioql PyPI...
EUVD-2022-34181
Malicious code in bioql PyPI...
ROS-20250829-01
A vulnerability in the mount.cifs.c component of the CIFS network file system mount utility package cifs-utils of the Linux operating system is related to writing beyond buffer boundaries in memory. Exploitation exploitation of the vulnerability could allow an attacker to escalate his privileges...
USN-7688-1: cifs-utils vulnerabilities
Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. CVE-2020-14342 It was discovered that cifs-utils incorrectly used host credentials when mounting a krb5 CIFS file...
Linux Distros Unpatched Vulnerability : CVE-2025-2312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong...
Ubuntu: Security Advisory (USN-7536-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7536-2: cifs-utils regression
USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos...
USN-7536-2 cifs-utils regression
USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos...
Mageia: Security Advisory (MGASA-2025-0176)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...