ByteOS Network

NVD Vulnerability Details :

CVE-2025-2312

Awaiting Analysis

Source-74b3a70d-cca6-4d34-9789-e83b222ae3be

Published At-25 Mar, 2025 | 18:15

Updated At-27 Mar, 2025 | 16:45

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	5.9	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

Type: Secondary

Version: 3.1

Base score: 5.9

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

Weaknesses

CWE ID	Type	Source
CWE-488	Secondary	74b3a70d-cca6-4d34-9789-e83b222ae3be

CWE ID: CWE-488

Type: Secondary

Source: 74b3a70d-cca6-4d34-9789-e83b222ae3be

References

Hyperlink	Source	Resource
https://git.samba.org/?p=cifs-utils.git;a=commit;h=89b679228cc1be9739d54203d28289b03352c174	74b3a70d-cca6-4d34-9789-e83b222ae3be	N/A
https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb?id=db363b0a1d9e6b9dc556296f1b1007aeb496a8cf	74b3a70d-cca6-4d34-9789-e83b222ae3be	N/A

Hyperlink: https://git.samba.org/?p=cifs-utils.git;a=commit;h=89b679228cc1be9739d54203d28289b03352c174

Source: 74b3a70d-cca6-4d34-9789-e83b222ae3be

Resource: N/A

Hyperlink: https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb?id=db363b0a1d9e6b9dc556296f1b1007aeb496a8cf

Source: 74b3a70d-cca6-4d34-9789-e83b222ae3be

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History