CVE-2025-2312
published 2025-03-25CVE-2025-2312: A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong…
PriorityP425medium5.9CVSS 3.1
AVLACHPRNUINSCCHINAN
EPSS
0.15%
4.5th percentile
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cifs-utils | cifs-utils | < 7.2 | 7.2 |
| debian | cifs-utils | < cifs-utils 2:7.2-1 (forky) | cifs-utils 2:7.2-1 (forky) |
| linux | linux_kernel | >= 0 < 5.15.0-142.152 | 5.15.0-142.152 |
| linux | linux_kernel | >= 0 < 6.8.0-62.65 | 6.8.0-62.65 |
| linux | linux_kernel | >= 0 < 5.4.0-218.238 | 5.4.0-218.238 |
| msrc | azl3_cifs-utils_7.0-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_cifs-utils_7.3-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_grub2_2.06-24_on_azure_linux_3.0 | — | — |
| msrc | cbl2_cifs-utils_6.14-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_grub2_2.06-14_on_cbl_mariner_2.0 | — | — |
| samba | cifs-utils | >= 0 < 2:7.2-1 | 2:7.2-1 |
| samba | cifs-utils | >= 0 < 2:7.2-1 | 2:7.2-1 |
| ubuntu | linux-azure-fips | — | — |
| ubuntu | linux-fips | — | — |
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
osv8.8HIGH
vendor_ubuntu8.8HIGH
vendor_msrc6.7MEDIUM
vendor_debian5.9MEDIUM
vendor_redhat5.9MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
linux-intel-iotg-5.15 vulnerabilities
osv·2025-07-18·CVSS 8.8
CVE-2024-8805 [HIGH] linux-intel-iotg-5.15 vulnerabilities
linux-intel-iotg-5.15 vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Crypt
OSV
linux-raspi vulnerabilities
osv·2025-07-17·CVSS 5.5
CVE-2024-8805 [MEDIUM] linux-raspi vulnerabilities
linux-raspi vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Clock framework and drivers;
- GPU drivers;
- HI
OSV
linux-hwe-6.8 vulnerabilities
osv·2025-07-17·CVSS 5.9
CVE-2025-2312 [MEDIUM] linux-hwe-6.8 vulnerabilities
linux-hwe-6.8 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture;
- Block layer subsystem;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- Network block device driver;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- FireWire subsystem;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I3C subsystem;
- InfiniBand drivers;
- IOMMU sub
OSV
linux-iot vulnerabilities
osv·2025-07-16·CVSS 5.9
CVE-2025-2312 [MEDIUM] linux-iot vulnerabilities
linux-iot vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Drivers core;
- Network block device driver;
- Character device driver;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- P
OSV
linux-raspi, linux-raspi-5.4 vulnerabilities
osv·2025-07-16·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-raspi, linux-raspi-5.4 vulnerabilities
linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JFS file system;
- File systems infrastructure;
- Tracing infrastr
OSV
linux-azure, linux-azure-6.11 vulnerabilities
osv·2025-07-08·CVSS 5.9
CVE-2025-2312 [MEDIUM] linux-azure, linux-azure-6.11 vulnerabilities
linux-azure, linux-azure-6.11 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drivers;
- DMA engine subsystem;
- DPLL subsystem;
- Qualcomm firmware driv
OSV
linux-lowlatency, linux-lowlatency-hwe-6.11 vulnerabilities
osv·2025-07-04·CVSS 5.9
CVE-2025-2312 [MEDIUM] linux-lowlatency, linux-lowlatency-hwe-6.11 vulnerabilities
linux-lowlatency, linux-lowlatency-hwe-6.11 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drivers;
- DMA engine subsystem;
- DPLL subsystem;
- Qualcomm
OSV
linux-intel-iotg vulnerabilities
osv·2025-07-04·CVSS 5.5
CVE-2024-8805 [MEDIUM] linux-intel-iotg vulnerabilities
linux-intel-iotg vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Clock framework and drivers;
- GPU drivers;
OSV
linux-bluefield vulnerabilities
osv·2025-07-03·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-bluefield vulnerabilities
linux-bluefield vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JFS file system;
- File systems infrastructure;
- Tracing infrastructure;
- 802
OSV
linux-oem-6.11 vulnerabilities
osv·2025-06-30·CVSS 5.9
CVE-2025-2312 [MEDIUM] linux-oem-6.11 vulnerabilities
linux-oem-6.11 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drivers;
- DMA engine subsystem;
- DPLL subsystem;
- Qualcomm firmware drivers;
- GPIO sub
OSV
linux-gcp, linux-gcp-6.8 vulnerabilities
osv·2025-06-30·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-gcp, linux-gcp-6.8 vulnerabilities
linux-gcp, linux-gcp-6.8 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- File system notification infrastructure;
- Overlay file system;
- Proc file system;
- SMB net
OSV
linux-hwe-5.4 vulnerabilities
osv·2025-06-30·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-hwe-5.4 vulnerabilities
linux-hwe-5.4 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JFS file system;
- File systems infrastructure;
- Tracing infrastructure;
- 802.1
OSV
linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities
osv·2025-06-30·CVSS 5.9
CVE-2025-2312 [MEDIUM] linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities
linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and dr
OSV
linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities
osv·2025-06-26·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities
linux-oracle, linux-oracle-6.8, linux-raspi vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- File system notification infrastructure;
- Overlay file system;
- Proc fil
OSV
linux-xilinx-zynqmp vulnerabilities
osv·2025-06-26·CVSS 8.8
CVE-2024-8805 [HIGH] linux-xilinx-zynqmp vulnerabilities
linux-xilinx-zynqmp vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- ACPI driv
OSV
linux-raspi-realtime vulnerabilities
osv·2025-06-25·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-raspi-realtime vulnerabilities
linux-raspi-realtime vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- File system notification infrastructure;
- Overlay file system;
- Proc file system;
- SMB network
OSV
linux-azure-5.4 vulnerabilities
osv·2025-06-25·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-azure-5.4 vulnerabilities
linux-azure-5.4 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JFS file system;
- File systems infrastructure;
- Tracing infrastructure;
- 802
OSV
linux-azure-fips, linux-fips vulnerabilities
osv·2025-06-25·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-azure-fips, linux-fips vulnerabilities
linux-azure-fips, linux-fips vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JFS file system;
- File systems infrastructure;
- Tracing infrastr
OSV
linux-aws vulnerabilities
osv·2025-06-24·CVSS 5.5
CVE-2024-8805 [MEDIUM] linux-aws vulnerabilities
linux-aws vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Clock framework and drivers;
- GPU drivers;
- HID
OSV
linux-aws-5.15, linux-gcp-5.15, linux-ibm-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
osv·2025-06-24·CVSS 5.5
CVE-2024-8805 [MEDIUM] linux-aws-5.15, linux-gcp-5.15, linux-ibm-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
linux-aws-5.15, linux-gcp-5.15, linux-ibm-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86
OSV
linux-hwe-5.15 vulnerabilities
osv·2025-06-24·CVSS 8.8
CVE-2024-8805 [HIGH] linux-hwe-5.15 vulnerabilities
linux-hwe-5.15 vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- ACPI drivers;
OSV
linux, linux-aws, linux-aws-6.8, linux-gke, linux-gkeop, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8 vulnerabilities
osv·2025-06-24·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux, linux-aws, linux-aws-6.8, linux-gke, linux-gkeop, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8 vulnerabilities
linux, linux-aws, linux-aws-6.8, linux-gke, linux-gkeop, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS f
OSV
linux-intel-iot-realtime, linux-realtime vulnerabilities
osv·2025-06-24·CVSS 5.5
CVE-2024-8805 [MEDIUM] linux-intel-iot-realtime, linux-realtime vulnerabilities
linux-intel-iot-realtime, linux-realtime vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Clock framework and
OSV
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
osv·2025-06-24·CVSS 5.5
CVE-2024-8805 [MEDIUM] linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- ACPI drivers;
- Clock framework a
OSV
linux-realtime vulnerabilities
osv·2025-06-24·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-realtime vulnerabilities
linux-realtime vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- File system notification infrastructure;
- Overlay file system;
- Proc file system;
- SMB network file
OSV
linux, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-kvm, linux-lowlatency, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle vulnerabilities
osv·2025-06-23·CVSS 5.5
CVE-2024-8805 [MEDIUM] linux, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-kvm, linux-lowlatency, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle vulnerabilities
linux, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-kvm, linux-lowlatency, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaw
OSV
linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
osv·2025-06-19·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NT
OSV
linux-aws-fips, linux-gcp-fips vulnerabilities
osv·2025-06-19·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-aws-fips, linux-gcp-fips vulnerabilities
linux-aws-fips, linux-gcp-fips vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JFS file system;
- File systems infrastructure;
- Tracing infras
OSV
linux-azure-nvidia vulnerabilities
osv·2025-04-28·CVSS 8.8
CVE-2024-8805 [HIGH] linux-azure-nvidia vulnerabilities
linux-azure-nvidia vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive informa
OSV
linux-azure, linux-azure-6.11 vulnerabilities
osv·2025-04-23·CVSS 5.5
CVE-2025-2312 [MEDIUM] linux-azure, linux-azure-6.11 vulnerabilities
linux-azure, linux-azure-6.11 vulnerabilities
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- x86 platform drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- Proc file system;
- SMB network file system;
- Timer subsystem;
- Kernel CPU control i
OSV
linux-azure-6.8 vulnerabilities
osv·2025-04-01·CVSS 8.8
CVE-2024-8805 [HIGH] linux-azure-6.8 vulnerabilities
linux-azure-6.8 vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive informatio
OSV
linux-azure vulnerabilities
osv·2025-03-27·CVSS 8.8
CVE-2024-8805 [HIGH] linux-azure vulnerabilities
linux-azure vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(
GHSA
GHSA-c3c3-3xh6-r623: A flaw was found in cifs-utils
ghsa_unreviewed·2025-03-25
CVE-2025-2312 [MEDIUM] CWE-488 GHSA-c3c3-3xh6-r623: A flaw was found in cifs-utils
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
OSV
CVE-2025-2312: A flaw was found in cifs-utils
osv·2025-03-25·CVSS 5.9
CVE-2025-2312 [MEDIUM] CVE-2025-2312: A flaw was found in cifs-utils
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities
vendor_ubuntu·2025-07-18·CVSS 8.8
CVE-2025-38009 [HIGH] Linux kernel (Intel IoTG) vulnerabilities
Title: Linux kernel (Intel IoTG) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2025-07-17·CVSS 5.9
CVE-2024-57953 [MEDIUM] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture;
- Block layer subsystem;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- Network block device driver;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- FireWire subsystem;
- GPIO subsystem;
- GP
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2025-07-17·CVSS 5.5
CVE-2022-49636 [MEDIUM] Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architectur
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
vendor_ubuntu·2025-07-16·CVSS 5.5
CVE-2025-38637 [MEDIUM] Linux kernel (Raspberry Pi) vulnerabilities
Title: Linux kernel (Raspberry Pi) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drive
Ubuntu
Linux kernel (IoT) vulnerabilities
vendor_ubuntu·2025-07-16·CVSS 5.9
CVE-2025-21935 [MEDIUM] Linux kernel (IoT) vulnerabilities
Title: Linux kernel (IoT) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Drivers core;
- Network block device driver;
- Character device driver;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drive
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-07-08·CVSS 5.9
CVE-2025-22095 [MEDIUM] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drivers;
-
Ubuntu
Linux kernel (Low Latency) vulnerabilities
vendor_ubuntu·2025-07-04·CVSS 5.9
CVE-2025-22080 [MEDIUM] Linux kernel (Low Latency) vulnerabilities
Title: Linux kernel (Low Latency) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drive
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities
vendor_ubuntu·2025-07-04·CVSS 5.5
CVE-2022-49728 [MEDIUM] Linux kernel (Intel IoTG) vulnerabilities
Title: Linux kernel (Intel IoTG) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
Ubuntu
Linux kernel (BlueField) vulnerabilities
vendor_ubuntu·2025-07-03·CVSS 5.5
CVE-2024-56551 [MEDIUM] Linux kernel (BlueField) vulnerabilities
Title: Linux kernel (BlueField) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-06-30·CVSS 5.5
CVE-2025-21699 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- File system notification infrast
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2025-06-30·CVSS 5.5
CVE-2024-56551 [MEDIUM] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JFS
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-06-30·CVSS 5.9
CVE-2025-22080 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drivers;
- DMA engi
Ubuntu
Linux kernel (OEM) vulnerabilities
vendor_ubuntu·2025-06-30·CVSS 5.9
CVE-2025-22070 [MEDIUM] Linux kernel (OEM) vulnerabilities
Title: Linux kernel (OEM) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Compute Acceleration Framework;
- ACPI drivers;
- Ublk userspace block driver;
- Compressed RAM block device driver;
- Bus devices;
- AMD CDX bus driver;
- Clock framework and drivers;
- DM
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities
vendor_ubuntu·2025-06-26·CVSS 8.8
CVE-2024-58086 [HIGH] Linux kernel (Xilinx ZynqMP) vulnerabilities
Title: Linux kernel (Xilinx ZynqMP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-06-25·CVSS 5.5
CVE-2025-38637 [MEDIUM] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JF
Ubuntu
Linux kernel (Raspberry Pi Real-time) vulnerabilities
vendor_ubuntu·2025-06-25·CVSS 5.5
CVE-2024-57948 [MEDIUM] Linux kernel (Raspberry Pi Real-time) vulnerabilities
Title: Linux kernel (Raspberry Pi Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- File sy
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-06-25·CVSS 5.5
CVE-2024-56551 [MEDIUM] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- J
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2025-06-24·CVSS 5.5
CVE-2022-49728 [MEDIUM] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-06-24·CVSS 5.5
CVE-2022-49728 [MEDIUM] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-06-24·CVSS 5.5
CVE-2025-22081 [MEDIUM] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
Ubuntu
Linux kernel (Real-time) vulnerabilities
vendor_ubuntu·2025-06-24·CVSS 5.5
CVE-2025-21699 [MEDIUM] Linux kernel (Real-time) vulnerabilities
Title: Linux kernel (Real-time) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- File system notifica
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-06-24·CVSS 5.5
CVE-2024-57948 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- InfiniBand drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- File system notification infrast
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-06-24·CVSS 5.5
CVE-2022-49728 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 archit
Ubuntu
Linux kernel (HWE) vulnerabilities
vendor_ubuntu·2025-06-24·CVSS 8.8
CVE-2024-57986 [HIGH] Linux kernel (HWE) vulnerabilities
Title: Linux kernel (HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerP
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-06-23·CVSS 5.5
CVE-2025-22081 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 archit
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-06-19·CVSS 5.5
CVE-2025-38637 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JFS file
Ubuntu
Linux kernel (FIPS) vulnerabilities
vendor_ubuntu·2025-06-19·CVSS 5.5
CVE-2025-38637 [MEDIUM] Linux kernel (FIPS) vulnerabilities
Title: Linux kernel (FIPS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- x86 architecture;
- iSCSI Boot Firmware Table Attributes driver;
- GPU drivers;
- HID subsystem;
- InfiniBand drivers;
- Media drivers;
- MemoryStick subsystem;
- Network drivers;
- NTB driver;
- PCI subsystem;
- SCSI subsystem;
- Thermal drivers;
- JF
Ubuntu
cifs-utils vulnerability
vendor_ubuntu·2025-05-27
CVE-2025-2312 cifs-utils vulnerability
Title: cifs-utils vulnerability
Summary: cifs-utils could be made to expose sensitive information.
It was discovered that cifs-utils incorrectly handled namespaces when
obtaining Kerberos credentials. An attacker could possibly use this issue
to obtain sensitive information.
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
Linux kernel (Azure, N-Series) vulnerabilities
vendor_ubuntu·2025-04-28·CVSS 8.8
CVE-2024-53083 [HIGH] Linux kernel (Azure, N-Series) vulnerabilities
Title: Linux kernel (Azure, N-Series) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target na
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-04-23·CVSS 5.5
CVE-2025-21695 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPIO subsystem;
- GPU drivers;
- IRQ chip drivers;
- Network drivers;
- Mellanox network drivers;
- x86 platform drivers;
- i.MX PM domains;
- SCSI subsystem;
- USB Serial drivers;
- AFS file system;
- GFS2 file system;
- File systems infrastructure;
- Proc file system;
- SMB networ
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-04-01·CVSS 8.8
CVE-2024-49888 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace wh
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-03-27·CVSS 8.8
CVE-2024-49965 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
Attila Szász discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace wh
Microsoft
cifs.upcall makes an upcall to the wrong namespace in containerized environments
vendor_msrc·2025-03-11·CVSS 5.9
CVE-2025-2312 [MEDIUM] CWE-488 cifs.upcall makes an upcall to the wrong namespace in containerized environments
cifs.upcall makes an upcall to the wrong namespace in containerized environments
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
redhat-cnalr: redhat-cnalr
Customer Action Required: Yes
Remediation: CBL-Mar
Debian
CVE-2025-2312: cifs-utils - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the ...
vendor_debian·2025·CVSS 5.9
CVE-2025-2312 [MEDIUM] CVE-2025-2312: cifs-utils - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the ...
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
Scope: local
bookworm: open
bullseye: resolved
forky: resolved (fixed in 2:7.2-1)
sid: resolved (fixed in 2:7.2-1)
trixie: resolved (fixed in 2:7.2-1)
Red Hat
cifs-utils: kernel: cifs-utils: cifs.upcall makes an upcall to the wrong namespace in containerized environments
vendor_redhat·2024-11-11·CVSS 5.9
CVE-2025-2312 [MEDIUM] CWE-488 cifs-utils: kernel: cifs-utils: cifs.upcall makes an upcall to the wrong namespace in containerized environments
cifs-utils: kernel: cifs-utils: cifs.upcall makes an upcall to the wrong namespace in containerized environments
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache.
Statement: No evidence was found of the possibility of a container escape, restricting the impact to c
Microsoft
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could po
vendor_msrc·2024-04-09·CVSS 6.7
CVE-2024-2312 [MEDIUM] CWE-416 GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could po
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-25
Published