View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0007188Kali LinuxKali Package Bugpublic2021-05-12 16:342021-08-12 17:15
Reporterbugreporter4us Assigned Toarnaudr  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Summary0007188: cifs-utils version 2:6.11-3 breaks krb5 mounts
Description

This morning after updating against the kali.download mirror, cifs-utils was upgraded from 2:6.11-1 to 2:6.11-3. Following this upgrade, my mount for a SMB3 share using krb5i authentication failed. This was reproduced by one other person after updating.

I enabled debuging in my krb5 conf and these are the following results:

key description: cifs.spnego;0;0;39010000;ver=0x2;host=REDACTED;ip4=REDACTED;sec=krb5;uid=0x3e8;creduid=0x0;user=REDACTED;pid=0x2778
May 12 09:23:47 [HOSTNAME] cifs.upcall: ver=2
May 12 09:23:47 [HOSTNAME] cifs.upcall: host=REDACTED
May 12 09:23:47 [HOSTNAME] cifs.upcall: ip=REDACTED
May 12 09:23:47 [HOSTNAME] cifs.upcall: sec=1
May 12 09:23:47 [HOSTNAME] cifs.upcall: uid=1000
May 12 09:23:47 [HOSTNAME] cifs.upcall: creduid=0
May 12 09:23:47 [HOSTNAME] cifs.upcall: user=REDACTED
May 12 09:23:47 [HOSTNAME] cifs.upcall: pid=10104
May 12 09:23:47 [HOSTNAME] cifs.upcall: get_cachename_from_process_env: pid == 0
May 12 09:23:47 [HOSTNAME] cifs.upcall: switch_to_process_ns: setns() failed for cgroup
May 12 09:23:47 [HOSTNAME] cifs.upcall: Exit status 1

This is verified as a problem with cifs-utils vs krb5 by a successful service ticket request using kvno. The mount just does not work.

Steps To Reproduce

Request a TGT against a KDC
kinit [email protected]
Attempt to mount a CIFS share referencing that TGT with krb5i authentication
mount --verbose -t smb3 //FILESHARE/Folder /mnt/fileshare -o user='USER',sec=krb5i,uid=1000,gid=1000
Observe failure.
To localize the fault, attempt to request a service ticket directly with krb5 and observe the success.
kvno cifs/[email protected]

Additional Information

It appears that this package has not yet hit the berkeley repo. I updated from kali.download.

Activities

bugreporter4us

bugreporter4us

2021-05-12 17:26

reporter   ~0014545

I was wrong about the berkeley repo. Package appears everywhere.
bugreporter4us

bugreporter4us

2021-05-14 23:50

reporter   ~0014548

I think likely this is the same issue reported on a newer version on Arch. I imagine the same patch was applied to mitigate CVE 2021-20208
See here for details: https://bugs.archlinux.org/task/70521
rhertzog

rhertzog

2021-05-17 16:27

administrator   ~0014561

This should really be reported to Debian since we are integrating the package straight from Debian. I don't see any report yet in https://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=0;dist=unstable;ordering=normal;repeatmerged=0;src=cifs-utils so the report would certainly help. In particular since you pinpointed the regression to a security update.
bugreporter4us

bugreporter4us

2021-05-26 23:59

reporter   ~0014590

The relevant Debian bug report is:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989080
bugreporter4us

bugreporter4us

2021-06-18 15:22

reporter   ~0014716

As of last night the debian bug has been updated with a fixed package. The update is available in the previously mentioned link. Additionally, the merge request for the package is here: https://salsa.debian.org/samba-team/cifs-utils/-/merge_requests/8
arnaudr

arnaudr

2021-07-16 08:44

manager   ~0014927

No-one merged this patch in Debian yet unfortunately: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989080#25
bugreporter4us

bugreporter4us

2021-07-19 15:55

reporter   ~0014938

Yeah, I've been trying to keep tabs on it. Seems like a large issue that's going entirely untouched. Is there anything we can do in the Kali community to push this forward? As I understand it the fix is there and ready, just needs to be merged...
arnaudr

arnaudr

2021-07-22 02:56

manager   ~0014943

Not much we can do I'm afraid...
bugreporter4us

bugreporter4us

2021-08-03 14:46

reporter   ~0014966

The last update of cifs-utils fixed this issue.
arnaudr

arnaudr

2021-08-12 17:12

manager   ~0014996

This is great news! Thanks for reporting until the end :) I'm closing the issue now.

Issue History

Date Modified Username Field Change
2021-05-12 16:34 bugreporter4us New Issue
2021-05-12 17:26 bugreporter4us Note Added: 0014545
2021-05-14 23:50 bugreporter4us Note Added: 0014548
2021-05-17 16:27 rhertzog Note Added: 0014561
2021-05-26 23:59 bugreporter4us Note Added: 0014590
2021-06-18 15:22 bugreporter4us Note Added: 0014716
2021-06-30 08:49 g0tmi1k Priority high => normal
2021-07-16 08:44 arnaudr Note Added: 0014927
2021-07-19 15:55 bugreporter4us Note Added: 0014938
2021-07-22 02:56 arnaudr Note Added: 0014943
2021-08-03 14:46 bugreporter4us Note Added: 0014966
2021-08-12 17:12 arnaudr Note Added: 0014996
2021-08-12 17:15 arnaudr Assigned To => arnaudr
2021-08-12 17:15 arnaudr Status new => closed
2021-08-12 17:15 arnaudr Resolution open => fixed