DEBIAN-CVE-2024-26822

DEBIAN-CVE-2024-26822 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the values from the parent mount.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products

Vendor	Product	Versions
Debian:13	linux	0, 0
Debian:14	linux	0, 0
Debian:11	linux-6.1	6.1.112-1~deb11u1, 6.1.119-1~deb11u1, 6.1.128-1~deb11u1
Debian:12	linux	6.1.99-1, 6.1.69-1, *

Timeline

Apr 17, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2024-26822 advisory

Open in Interactive Console →