In the Linux kernel, the following vulnerability has been resolved:
smb: client: set correct id, uid and cruid for multiuser automounts
When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the values from the parent mount.
{ "vanir_signatures": [ { "signature_version": "v1", "target": { "file": "fs/smb/client/namespace.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4508ec17357094e2075f334948393ddedbb75157", "deprecated": false, "digest": { "line_hashes": [ "155558513119103975132760034902508811508", "183690471425462689765352001203145214184", "97711146878016885021950208697231616694", "25456364114260286118015146679859929187", "71613107392748507355929925272570446664", "102411093859320951773560514155040770650", "57340025198541695897185589129176886753" ], "threshold": 0.9 }, "id": "CVE-2024-26822-07542e9c" }, { "signature_version": "v1", "target": { "file": "fs/smb/client/namespace.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7590ba9057c6d74c66f3b909a383ec47cd2f27fb", "deprecated": false, "digest": { "line_hashes": [ "155558513119103975132760034902508811508", "183690471425462689765352001203145214184", "97711146878016885021950208697231616694", "25456364114260286118015146679859929187", "71613107392748507355929925272570446664", "102411093859320951773560514155040770650", "57340025198541695897185589129176886753" ], "threshold": 0.9 }, "id": "CVE-2024-26822-44401132" }, { "signature_version": "v1", "target": { "function": "cifs_do_automount", "file": "fs/smb/client/namespace.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7590ba9057c6d74c66f3b909a383ec47cd2f27fb", "deprecated": false, "digest": { "length": 1257.0, "function_hash": "97550964208028254002895090306641504820" }, "id": "CVE-2024-26822-59f5264d" }, { "signature_version": "v1", "target": { "function": "cifs_do_automount", "file": "fs/smb/client/namespace.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c2aa2718cda2d56b4a551cb40043e9abc9684626", "deprecated": false, "digest": { "length": 1257.0, "function_hash": "97550964208028254002895090306641504820" }, "id": "CVE-2024-26822-9f5d20ea" }, { "signature_version": "v1", "target": { "file": "fs/smb/client/namespace.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c2aa2718cda2d56b4a551cb40043e9abc9684626", "deprecated": false, "digest": { "line_hashes": [ "155558513119103975132760034902508811508", "183690471425462689765352001203145214184", "97711146878016885021950208697231616694", "25456364114260286118015146679859929187", "71613107392748507355929925272570446664", "102411093859320951773560514155040770650", "57340025198541695897185589129176886753" ], "threshold": 0.9 }, "id": "CVE-2024-26822-d6a21100" }, { "signature_version": "v1", "target": { "function": "cifs_do_automount", "file": "fs/smb/client/namespace.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4508ec17357094e2075f334948393ddedbb75157", "deprecated": false, "digest": { "length": 1257.0, "function_hash": "97550964208028254002895090306641504820" }, "id": "CVE-2024-26822-ef8d0219" } ] }