Описание
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cifs-utils | fixed | 2:7.2-1 | package | |
| cifs-utils | ignored | bookworm | package | |
| cifs-utils | not-affected | bullseye | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2352604
Depends on change on kernel: https://git.kernel.org/linus/db363b0a1d9e6b9dc556296f1b1007aeb496a8cf (6.13-rc1)
Fixed by: https://git.samba.org/?p=cifs-utils.git;a=commit;h=89b679228cc1be9739d54203d28289b03352c174 (7.2)
Documentation update: https://git.samba.org/?p=cifs-utils.git;a=commit;h=cf63240489431e98033e599a7c9437b59494a2e4 (7.2)
EPSS
Связанные уязвимости
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
cifs.upcall makes an upcall to the wrong namespace in containerized environments
EPSS