nfs-utils rpc.mountd Privilege Escalation Vulnerability

Vulnerability

A vulnerability in the rpc.mountd daemon of the nfs-utils package for Linux allows NFSv3 clients to escalate privileges assigned in the /etc/exports file. This vulnerability enables clients to access any subdirectory or subtree of an exported directory, disregarding file permissions and any 'root_squash' or 'all_squash' attributes that should apply to them. Red Hat Enterprise Linux systems configured as NFSv3 servers are affected.

Impact

Exploitation of this vulnerability allows authenticated NFSv3 clients to bypass 'root_squash' or 'all_squash' restrictions, accessing NFS share subdirectories with elevated privileges, contrary to intended file permissions.

Added: Mar 4, 2026, 4:21 PM

Updated: Mar 4, 2026, 6:28 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

5.0

exploitability

3.1

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

5.0

exploitability

3.1

remediation

0.0

relevance

3.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

nfs-utils rpc.mountd Privilege Escalation Vulnerability

Vulnerability

Impact

Affected Products

nfs-utils

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating