Description

A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux that allows an NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the file permissions set on it and regardless of any 'root_squash' or 'all_squash' attributes that would normally be expected to apply to that client.

INFO

Published Date: 2026-03-04T15:25:53.403Z

Last Modified: 2026-04-02T14:11:43.300Z

Source: redhat

AFFECTED PRODUCTS

The following products are affected by the CVE-2025-12801 vulnerability.

Vendor: Linux-nfs
  • Nfs-utils

Vendor: Redhat
  • Ceph Storage
  • Enterprise Linux
  • Nfs Utils
  • Openshift
  • Openshift Container Platform
  • Rhel Eus
