5.5

CVE-2024-26822

EPSS 0.01%
Published 17.04.2024 10:15:08
Last modified 27.03.2025 20:43:09
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

smb: client: set correct id, uid and cruid for multiuser automounts

When uid, gid and cruid are not specified, we need to dynamically
set them into the filesystem context used for automounting otherwise
they'll end up reusing the values from the parent mount.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.18

Linux ≫ Linux Kernel Version >= 6.7 < 6.7.6

Linux ≫ Linux Kernel Version5.15.124

Linux ≫ Linux Kernel Version6.1.54

Linux ≫ Linux Kernel Version6.8 Updaterc1

Linux ≫ Linux Kernel Version6.8 Updaterc2

Linux ≫ Linux Kernel Version6.8 Updaterc3

Linux ≫ Linux Kernel Version6.8 Updaterc4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.011

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157

Patch

https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb

Patch

https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-26822

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-26822

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-26822

EUVD