441 matches found
RHSA-2026:39576 Red Hat Security Advisory: cifs-utils security, bug fix, and enhancement update
Bulletin has no description...
RHSA-2026:39575 Red Hat Security Advisory: cifs-utils security, bug fix, and enhancement update
Bulletin has no description...
ALSA-2026:39575 Important: cifs-utils security, bug fix, and enhancement update
The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. The cifs-utils packages contain tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a...
USN-8496-3: cifs-utils vulnerability
USN-8496-1 fixed vulnerabilities in cifs-utils. The update caused a regression and was backed out in USN-8496-2. This update reintroduces the security fix, along with a fix for the regression. Original advisory details: It was discovered that cifs-utils incorrectly dropped root privileges before...
Low: cifs-utils
Issue Overview: No CVE associated with this advisory Affected Packages: cifs-utils Issue Correction: Run dnf update cifs-utils --releasever 2023.12.20260706 or dnf update --advisory ALAS2023-2026-1927 --releasever 2023.12.20260706 to update your system. More information on how to update your syst...
USN-8496-2: cifs-utils regression
USN-8496-1 fixed a vulnerability in cifs-utils. Unfortunately, the fix introduced a regression with Kerberos mounts. This update reverts the security update until a complete fix is available. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : cifs-utils vulnerability (USN-8496-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8496-1 advisory. It was discovered that cifs-utils incorrectly dropped root privileges before looking up user information. A local attacker could...
USN-8496-1: cifs-utils vulnerability
It was discovered that cifs-utils incorrectly dropped root privileges before looking up user information. A local attacker could possibly use this issue to execute arbitrary code as the root user...
USN-8496-1 cifs-utils vulnerability
It was discovered that cifs-utils incorrectly dropped root privileges before looking up user information. A local attacker could possibly use this issue to execute arbitrary code as the root user...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-12505)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-12505 advisory. - A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop...
SUSE SLES12 Security Update : cifs-utils (SUSE-SU-2026:2700-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2700-1 advisory. This update for cifs-utils fixes the following issue - CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switc...
CVE-2026-12505 affecting package cifs-utils for versions less than 7.6-1
CVE-2026-12505 affecting package cifs-utils for versions less than 7.6-1. An upgraded version of the package is available that resolves this issue...
SUSE-SU-2026:2699-1 Security update for cifs-utils
This update for cifs-utils fixes the following issue - CVE-2026-12505: cifs.upcall local privilege escalation via requestkey-controlled namespace switch and NSS loading bsc1267389...
RHEL 10 : cifs-utils (RHSA-2026:32990)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:32990 advisory. The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. The cifs-utils packages contain tools for...
cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
Important: Red Hat Security Advisory: cifs-utils security update
An update for cifs-utils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
DEBIAN-CVE-2026-12505
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
CVE-2026-12505
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
CVE-2026-12505 Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...
CVE-2026-12505 Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...