{"id":"CVE-2025-2312","summary":"cifs.upcall  makes an upcall to the wrong namespace in containerized environments","details":"A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.","modified":"2026-05-18T05:58:07.278640946Z","published":"2025-03-25T18:08:02.848Z","related":["SUSE-SU-2025:01614-1","SUSE-SU-2025:01620-1","SUSE-SU-2025:01640-1","SUSE-SU-2025:01707-1","SUSE-SU-2025:01919-1","SUSE-SU-2025:01951-1","SUSE-SU-2025:01964-1","SUSE-SU-2025:01967-1","SUSE-SU-2025:1381-1","SUSE-SU-2025:20192-1","SUSE-SU-2025:20206-1","SUSE-SU-2025:20270-1","SUSE-SU-2025:20283-1"],"database_specific":{"cna_assigner":"redhat-cnalr","cwe_ids":["CWE-488"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/2xxx/CVE-2025-2312.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/2xxx/CVE-2025-2312.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2312"},{"type":"FIX","url":"https://git.samba.org/?p=cifs-utils.git;a=commit;h=89b679228cc1be9739d54203d28289b03352c174"},{"type":"FIX","url":"https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/smb?id=db363b0a1d9e6b9dc556296f1b1007aeb496a8cf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.samba.org/cifs-utils.git/","events":[{"introduced":"0"},{"fixed":"0da208dab49b34ca825cee37cb1817e449d52444"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"7.2"}],"source":"AFFECTED_FIELD"}}],"versions":["cifs-utils-7.1","cifs-utils-7.0","cifs-utils-6.15","cifs-utils-6.14","cifs-utils-6.13","cifs-utils-6.12","cifs-utils-6.11","cifs-utils-6.10","cifs-utils-6.9","cifs-utils-6.8","cifs-utils-6.7","cifs-utils-6.6","cifs-utils-6.5","cifs-utils-6.4","cifs-utils-6.3","cifs-utils-6.2","cifs-utils-6.1","cifs-utils-6.0","cifs-utils-5.9","cifs-utils-5.8","cifs-utils-5.7","cifs-utils-5.6","cifs-utils-5.5","cifs-utils-5.4","cifs-utils-5.3","cifs-utils-5.2","cifs-utils-5.1","cifs-utils-5.0","cifs-utils-4.9","cifs-utils-4.8.1","cifs-utils-4.8","cifs-utils-4.7","cifs-utils-4.6","cifs-utils-4.5","cifs-utils-4.4","cifs-utils-4.3","cifs-utils-4.2","cifs-utils-4.1","cifs-utils-4.0","cifs-utils-4.0rc1","release-4-0a1","cifs-utils-4.0a1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-2312.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}]}