CVE-2024-26822

medium

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: set correct id, uid and cruid for multiuser automounts When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the values from the parent mount.

References

https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626

https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb

https://git.kernel.org/stable/c/4a6e4c56721a3e6e2550b72ec56aab306c4607a7

https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157

https://git.kernel.org/stable/c/2ceba8ae1bd1f5589548cb722a5c583ca3a2dede

Details

Source: Mitre, NVD

Published: 2024-04-17

Updated: 2026-03-17

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:C/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00118