Security update for cifs-utils SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:1381-1 Final 1 1 2025-04-28T07:37:13Z current 2025-04-28T07:37:13Z 2025-04-28T07:37:13Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for cifs-utils This update for cifs-utils fixes the following issues: - CVE-2025-2312: Fixed cifs.upcall making an upcall to the wrong namespace in containerized environments while trying to get Kerberos credentials (bsc#1239680) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-1381,SUSE-SLE-Micro-5.3-2025-1381,SUSE-SLE-Micro-5.4-2025-1381,SUSE-SLE-Micro-5.5-2025-1381,SUSE-SLE-Module-Basesystem-15-SP6-2025-1381,openSUSE-SLE-15.6-2025-1381 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20251381-1/ Link for SUSE-SU-2025:1381-1 https://lists.suse.com/pipermail/sle-updates/2025-April/039091.html E-Mail link for SUSE-SU-2025:1381-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1239680 SUSE Bug 1239680 https://www.suse.com/security/cve/CVE-2025-2312/ SUSE CVE CVE-2025-2312 page SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Module for Basesystem 15 SP6 openSUSE Leap 15.6 cifs-utils-6.15-150400.3.12.1 cifs-utils-devel-6.15-150400.3.12.1 pam_cifscreds-6.15-150400.3.12.1 cifs-utils-6.15-150400.3.12.1 as a component of SUSE Linux Enterprise Micro 5.3 cifs-utils-6.15-150400.3.12.1 as a component of SUSE Linux Enterprise Micro 5.4 cifs-utils-6.15-150400.3.12.1 as a component of SUSE Linux Enterprise Micro 5.5 cifs-utils-6.15-150400.3.12.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 cifs-utils-devel-6.15-150400.3.12.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 cifs-utils-6.15-150400.3.12.1 as a component of openSUSE Leap 15.6 cifs-utils-devel-6.15-150400.3.12.1 as a component of openSUSE Leap 15.6 pam_cifscreds-6.15-150400.3.12.1 as a component of openSUSE Leap 15.6 A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache. CVE-2025-2312 SUSE Linux Enterprise Micro 5.3:cifs-utils-6.15-150400.3.12.1 SUSE Linux Enterprise Micro 5.4:cifs-utils-6.15-150400.3.12.1 SUSE Linux Enterprise Micro 5.5:cifs-utils-6.15-150400.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:cifs-utils-6.15-150400.3.12.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:cifs-utils-devel-6.15-150400.3.12.1 openSUSE Leap 15.6:cifs-utils-6.15-150400.3.12.1 openSUSE Leap 15.6:cifs-utils-devel-6.15-150400.3.12.1 openSUSE Leap 15.6:pam_cifscreds-6.15-150400.3.12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251381-1/ https://www.suse.com/security/cve/CVE-2025-2312.html CVE-2025-2312 https://bugzilla.suse.com/1239680 SUSE Bug 1239680