CVE-2025-12801
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/03/2026
Last modified:
02/04/2026
Description
A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the<br />
privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions, and regardless of any &#39;root_squash&#39; or &#39;all_squash&#39; attributes that would normally be expected to apply to that client.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:linux-nfs:nfs-utils:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://access.redhat.com/errata/RHSA-2026:3938
- https://access.redhat.com/errata/RHSA-2026:3939
- https://access.redhat.com/errata/RHSA-2026:3940
- https://access.redhat.com/errata/RHSA-2026:3941
- https://access.redhat.com/errata/RHSA-2026:3942
- https://access.redhat.com/errata/RHSA-2026:5127
- https://access.redhat.com/errata/RHSA-2026:5606
- https://access.redhat.com/errata/RHSA-2026:5867
- https://access.redhat.com/errata/RHSA-2026:5873
- https://access.redhat.com/errata/RHSA-2026:5877
- https://access.redhat.com/security/cve/CVE-2025-12801
- https://bugzilla.redhat.com/show_bug.cgi?id=2413081