Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the values from the parent mount.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.2, < 6.6.18 |
References
- https://git.kernel.org/stable/c/2ceba8ae1bd1f5589548cb722a5c583ca3a2dedePatch
- https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157Patch
- https://git.kernel.org/stable/c/4a6e4c56721a3e6e2550b72ec56aab306c4607a7Patch
- https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fbPatch
- https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626Patch
- https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157Patch
- https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fbPatch
- https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626Patch
FAQ
What is CVE-2024-26822?
CVE-2024-26822 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamica...
How severe is CVE-2024-26822?
CVE-2024-26822 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-26822?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.