CVE-2024-26822

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-26822

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26822.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-26822

Downstream

BELL-CVE-2024-26822

DEBIAN-CVE-2024-26822

DLA-4499-1

DSA-6163-1

ECHO-c117-6f91-8bf8

ROOT-OS-DEBIAN-12-CVE-2024-26822

SUSE-SU-2024:2008-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2135-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2362-1

SUSE-SU-2024:2384-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

UBUNTU-CVE-2024-26822

USN-6895-1

USN-6895-2

USN-6895-3

USN-6895-4

USN-6900-1

USN-7179-1

USN-7179-2

USN-7179-3

USN-7179-4

USN-7186-1

USN-7186-2

USN-7194-1

Related

Published

2024-04-17T09:43:49.221Z

Modified

2026-05-15T11:53:45.313946369Z

Summary

smb: client: set correct id, uid and cruid for multiuser automounts

Details

In the Linux kernel, the following vulnerability has been resolved:

smb: client: set correct id, uid and cruid for multiuser automounts

When uid, gid and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting otherwise they'll end up reusing the values from the parent mount.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26822.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.201

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.164

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.18

Fixed

6.7.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26822.json"