A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
10 Dec 2021, 19:52
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4BZSJXROEFHYATAAHHRR6P3HUSMPQB3/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2W4HSDIWXXNQBUW5ZS37RQMLJ7THK5AS/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WJ3SVBHCSNQZAWSGLB6FBOCFU45FFG/ - Mailing List, Third Party Advisory | |
CWE | CWE-269 | |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* |
01 Oct 2021, 06:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Sep 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2021-04-19 22:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-20208
Mitre link : CVE-2021-20208
CVE.ORG link : CVE-2021-20208
JSON object : View
Products Affected
redhat
- enterprise_linux
samba
- cifs-utils
fedoraproject
- fedora