Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 9 of 9 results


CVE-2022-29869

Medium priority

Some fixes available 4 of 6

cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

1 affected packages

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2022-27239

Medium priority

Some fixes available 4 of 6

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

1 affected packages

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2021-20208

Low priority

Some fixes available 2 of 6

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data...

1 affected packages

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected Not affected Fixed Fixed Vulnerable
Show less packages

CVE-2020-14342

Low priority

Some fixes available 11 of 13

It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo...

1 affected packages

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2014-2830

Medium priority
Ignored

Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.

1 affected packages

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected
Show less packages

CVE-2012-1586

Low priority
Ignored

mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.

1 affected packages

cifs-utils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils Not affected Not affected Not affected
Show less packages

CVE-2011-3585

Medium priority
Fixed

Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.

2 affected packages

cifs-utils, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils
samba
Show less packages

CVE-2011-2724

Medium priority

Some fixes available 3 of 5

The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local...

2 affected packages

cifs-utils, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils
samba
Show less packages

CVE-2011-1678

Medium priority

Some fixes available 4 of 6

smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows...

2 affected packages

cifs-utils, samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cifs-utils
samba
Show less packages