| Release | Version |
|---|---|
| jessie | 2:6.4-1+deb8u1 |
| stretch | 2:6.7-1+deb9u1 |
| buster | 2:6.8-2+deb10u1 |
| bullseye | 2:6.11-3.1+deb11u2 |
| bullseye (security) | 2:6.11-3.1+deb11u1 |
| bookworm | 2:7.0-2 |
| trixie | 2:7.0-2.1 |
| sid | 2:7.0-2.1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-20208 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A flaw was found in cifs-utils in versions before 6.13. A user when mo ... |
| CVE-2020-14342 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | It was found that cifs-utils' mount.cifs was invoking a shell when req ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-2830 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils ... |
| Bug | Description |
|---|---|
| CVE-2022-29869 | cifs-utils through 6.14, with verbose logging, can cause an informatio ... |
| CVE-2022-27239 | In cifs-utils through 6.14, a stack-based buffer overflow when parsing ... |
| CVE-2012-1586 | mount.cifs in cifs-utils 2.6 allows local users to determine the exist ... |
| CVE-2011-3585 | Multiple race conditions in the (1) mount.cifs and (2) umount.cifs pro ... |
| CVE-2011-2724 | The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs ... |
| CVE-2011-1678 | smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to app ... |
| DSA / DLA | Description |
|---|---|
| DSA-5157-1 | cifs-utils - security update |
| DLA-3009-1 | cifs-utils - security update |
| ELA-614-1 | cifs-utils - security update |