Back to bug 1921116
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2021-01-27 14:31:26 UTC | CC | security-response-team | |
| Pedro Sampaio | 2021-01-27 14:34:10 UTC | Blocks | 1916420 | |
| Alex | 2021-01-31 16:27:55 UTC | Doc Text | A flaw was found in cifs-utils. A user when mount krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity. | |
| Pedro Sampaio | 2021-02-01 17:05:59 UTC | Summary | EMBARGOED cifs-utils: Container can use kerberos cache from the host via mount.cifs/cifs.upcall | EMBARGOED CVE-2021-20208 cifs-utils: Container can use kerberos cache from the host via mount.cifs/cifs.upcall |
| Alias | CVE-2021-20208 | |||
| Pedro Sampaio | 2021-02-01 17:30:53 UTC | Blocks | 1923718 | |
| Alex | 2021-02-03 17:05:32 UTC | Depends On | 1924815, 1924814 | |
| Alex | 2021-02-07 17:40:41 UTC | Depends On | 1925956 | |
| Hardik Vyas | 2021-02-08 16:41:11 UTC | CC | hvyas, puebele | |
| Eric Christensen | 2021-02-18 18:40:36 UTC | Doc Text | A flaw was found in cifs-utils. A user when mount krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity. | A flaw was found in cifs-utils. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity. |
| Ronnie Sahlberg | 2021-03-09 03:28:03 UTC | Flags | needinfo?(security-response-team) | |
| Stanislav Ochotnicky | 2021-03-10 10:04:27 UTC | CC | allarkin | |
| Flags | needinfo?(security-response-team) | needinfo?(allarkin) | ||
| Alex | 2021-03-10 11:31:39 UTC | Flags | needinfo?(allarkin) | |
| Ronnie Sahlberg | 2021-03-11 01:45:49 UTC | Blocks | 1936300 | |
| CC | xifeng | |||
| Alex | 2021-04-19 11:32:02 UTC | Group | security, qe_staff | |
| CC | abokovoy, anoopcs, dkarpele, iboukris, jlayton, jstephen, lmohanty, luk.claes, madam, ronniesahlberg, sprabhu, ssorce | |||
| Summary | EMBARGOED CVE-2021-20208 cifs-utils: Container can use kerberos cache from the host via mount.cifs/cifs.upcall | CVE-2021-20208 cifs-utils: Container can use kerberos cache from the host via mount.cifs/cifs.upcall | ||
| Guilherme de Almeida Suckevicz | 2021-04-19 19:00:09 UTC | Fixed In Version | cifs-utils 6.13 | |
| Red Hat Bugzilla | 2023-01-01 00:26:18 UTC | CC | sprabhu | |
| Red Hat Bugzilla | 2023-01-01 08:30:16 UTC | CC | gdeschner | |
| Alasdair Kergon | 2023-01-04 04:54:53 UTC | CC | gdeschner | |
| Alasdair Kergon | 2023-01-04 05:45:51 UTC | CC | sprabhu | |
| Red Hat Bugzilla | 2023-01-16 08:27:47 UTC | CC | jrivera | |
| Pavel Filipensky | 2023-01-23 08:35:56 UTC | Depends On | 2163303 | |
| Red Hat Bugzilla | 2023-01-31 23:37:00 UTC | CC | madam | |
| Tomas Hoger | 2023-04-27 21:23:10 UTC | Depends On | 2163303 | |
| Red Hat Bugzilla | 2023-07-07 08:33:55 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody | ||
| Red Hat Bugzilla | 2023-08-09 14:32:31 UTC | CC | lsahlber |
Back to bug 1921116