This bug was fixed in the package cifs-utils - 2:7.0-2ubuntu0.2
---------------
cifs-utils (2:7.0-2ubuntu0.2) noble-security; urgency=medium
* SECURITY REGRESSION: Fix memory leak in check_service_ticket_exists()
if a valid Kerberos service ticket is not available.
(LP: #2113906)
- d/p/lp2113906-cifs.upcall-fix-memory-leaks-in-check_service_ticket.patch
* SECURITY REGRESSION: Correctly search the calling applications
environment for KRB5CCNAME if running kernel is not patched for
CVE-2025-2312, fixing mounts for AD users. (LP: #2112614)
- d/p/CVE-2025-2312-3.patch: cifs.upcall: correctly treat
UPTARGET_UNSPECIFIED as UPTARGET_APP.
-- Matthew Ruffell <matthew.ruff...@canonical.com> Wed, 11 Jun 2025
16:07:20 +1200
** Changed in: cifs-utils (Ubuntu Jammy)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2112614
Title:
Regression: After CVE-2025-2312 cifs.upcall can't find credential
caches from user env
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/2112614/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
