CVE-2024-26822
smb: client: set correct id, uid and cruid for multiuser automounts
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
17 abr 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
smb: client: set correct id, uid and cruid for multiuser automounts
When uid, gid and cruid are not specified, we need to dynamically
set them into the filesystem context used for automounting otherwise
they'll end up reusing the values from the parent mount.
Produtos afetados
Linux · LinuxReferências
https://git.kernel.org/stable/c/2ceba8ae1bd1f5589548cb722a5c583ca3a2dedehttps://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157https://git.kernel.org/stable/c/4a6e4c56721a3e6e2550b72ec56aab306c4607a7https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fbhttps://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626