VDB
DEBIAN-CVE-2025-2312
DEBIAN-CVE-2025-2312
PUBLISHED
CVSS 5.900000095367432 MEDIUM
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | cifs-utils | 7.4-1, *, 0 |
| Debian:13 | cifs-utils | 0, 0 |
| Debian:14 | cifs-utils | 0, 0 |
Timeline
- Mar 25, 2025 CVE Published
- Apr 28, 2026 CVE Updated