ALT-PU-2021-2827-1
Package cifs-utils updated to version 6.13-alt3 for branch p10 in task 285065.
Closed vulnerabilities
Published: 2021-04-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-20208
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.
Severity: MEDIUM (6.1)
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1921116
- https://bugzilla.redhat.com/show_bug.cgi?id=1921116
- https://bugzilla.samba.org/show_bug.cgi?id=14651
- https://bugzilla.samba.org/show_bug.cgi?id=14651
- FEDORA-2021-c87ed13391
- FEDORA-2021-c87ed13391
- FEDORA-2021-b1bb3d3b20
- FEDORA-2021-b1bb3d3b20
- FEDORA-2021-d54e02d1b2
- FEDORA-2021-d54e02d1b2
Closed bugs
Не работает монтирование сетевой папки с помощью pam_mount