CVE-2025-2312

CVE-2025-2312

Name

CVE-2025-2312

Description

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
patch	https://git.samba.org/?p=cifs-utils.git;a=commit;h=89b679228cc1be9739d54203d28289b03352c174
patch	https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb?id=db363b0a1d9e6b9dc556296f1b1007aeb496a8cf

Type

URI

patch

https://git.samba.org/?p=cifs-utils.git;a=commit;h=89b679228cc1be9739d54203d28289b03352c174

patch

https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb?id=db363b0a1d9e6b9dc556296f1b1007aeb496a8cf

CPE URI	Source package	Min version	Max version
	cifs-utils	>= 0	< 7.2

CPE URI

Source package

Min version

Max version

cifs-utils

>= 0

< 7.2

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
cifs-utils	edge-main	7.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
cifs-utils	edge-main	6.15-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
cifs-utils	edge-main	6.13-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
cifs-utils	edge-main	6.11-r0	None	possibly vulnerable
cifs-utils	3.22-main	6.15-r0	None	possibly vulnerable
cifs-utils	3.22-main	6.13-r0	None	possibly vulnerable
cifs-utils	3.21-main	7.1-r0	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
cifs-utils	3.21-main	6.15-r0	None	possibly vulnerable
cifs-utils	3.21-main	6.13-r0	None	possibly vulnerable
cifs-utils	3.20-main	7.0-r4	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
cifs-utils	3.20-main	6.15-r0	None	possibly vulnerable
cifs-utils	3.20-main	6.13-r0	None	possibly vulnerable
cifs-utils	3.19-main	7.0-r2	Francesco Colista <fcolista@alpinelinux.org>	possibly vulnerable
cifs-utils	3.19-main	6.15-r0	None	possibly vulnerable
cifs-utils	3.19-main	6.13-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages