| Release | Version |
|---|---|
| bullseye | 2:6.11-3.1+deb11u2 |
| bullseye (security) | 2:6.11-3.1+deb11u1 |
| bookworm | 2:7.0-2 |
| trixie | 2:7.4-1 |
| forky | 2:7.4-1 |
| sid | 2:7.4-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2026-12505 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in the cifs-utils package where the cifs.upcall helpe ... |
| CVE-2025-2312 | fixed | vulnerable (no DSA, ignored) | fixed | fixed | fixed | A flaw was found in cifs-utils. When trying to obtain Kerberos credent ... |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2014-2830 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils ... |
| Bug | Description |
|---|---|
| CVE-2022-29869 | cifs-utils through 6.14, with verbose logging, can cause an informatio ... |
| CVE-2022-27239 | In cifs-utils through 6.14, a stack-based buffer overflow when parsing ... |
| CVE-2021-20208 | A flaw was found in cifs-utils in versions before 6.13. A user when mo ... |
| CVE-2020-14342 | It was found that cifs-utils' mount.cifs was invoking a shell when req ... |
| CVE-2012-1586 | mount.cifs in cifs-utils 2.6 allows local users to determine the exist ... |
| CVE-2011-3585 | Multiple race conditions in the (1) mount.cifs and (2) umount.cifs pro ... |
| CVE-2011-2724 | The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs ... |
| CVE-2011-1678 | smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to app ... |
| DSA / DLA | Description |
|---|---|
| DSA-5157-1 | cifs-utils - security update |
| DLA-3009-1 | cifs-utils - security update |