CVE-2025-2312 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong nam…
Medium CVSS: 5.9

CVE-2025-2312

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
Vendor
-
Product
-
CWE
CWE-488
Yayın Tarihi
2025-03-25 18:15:34
Güncelleme
2025-03-27 16:45:46
Source Identifier
74b3a70d-cca6-4d34-9789-e83b222ae3be
KEV Date Added
-

Kategoriler

CWE-488 MEDIUM 2025

Referanslar

https://git.samba.org/?p=cifs-utils.git;a=commit;h=89b679228cc1be9739d54203d28289b03352c174 https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb?id=db363b0a1d9e6b9dc556296f1b1007aeb496a8cf