Unrated severityNVD Advisory· Published Apr 19, 2021· Updated Aug 3, 2024
CVE-2021-20208
CVE-2021-20208
Description
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.
Affected products
11- cifs-utils/cifs-utilsdescription
- osv-coords10 versionspkg:rpm/opensuse/cifs-utils&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/cifs-utils&distro=openSUSE%20Tumbleweedpkg:rpm/suse/cifs-utils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/cifs-utils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/cifs-utils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/cifs-utils&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/cifs-utils&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/cifs-utils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/cifs-utils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/cifs-utils&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 6.9-lp152.2.3.1+ 9 more
- (no CPE)range: < 6.9-lp152.2.3.1
- (no CPE)range: < 6.13-1.3
- (no CPE)range: < 6.9-3.14.1
- (no CPE)range: < 6.9-3.14.1
- (no CPE)range: < 6.9-5.9.1
- (no CPE)range: < 6.9-13.14.1
- (no CPE)range: < 6.9-3.14.1
- (no CPE)range: < 6.9-13.14.1
- (no CPE)range: < 6.9-3.14.1
- (no CPE)range: < 6.9-13.14.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2W4HSDIWXXNQBUW5ZS37RQMLJ7THK5AS/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/66WJ3SVBHCSNQZAWSGLB6FBOCFU45FFG/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4BZSJXROEFHYATAAHHRR6P3HUSMPQB3/mitrevendor-advisoryx_refsource_FEDORA
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- bugzilla.samba.org/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.