A Forged Kernel Key and a Rootful Helper: Inside the CIFSwitch Linux Privilege Escalation

CIFSwitch CVE lets unprivileged Linux users gain root on Mint, CentOS, Rocky, Kali, Debian, Ubuntu via forged CIFS keyring upcall. Patch now.

CIFSwitch Linux Flaw

A security researcher has disclosed a Linux local privilege escalation — dubbed CIFSwitch — that lets any unprivileged user silently escalate to root on a wide range of distributions, including Linux Mint, Debian, Rocky Linux, CentOS Stream, Kali Linux, SLES, and several others. The kernel-side bug has sat quietly in the codebase since 2007.

The vulnerability lies at the boundary between the Linux kernel's CIFS client — the component that handles SMB network filesystems — and a userspace helper provided by cifs-utils. Alone, neither piece is obviously broken. Together, their misplaced trust becomes a clean path to root.

How the attack actually works

When the kernel needs to authenticate a Kerberos-backed SMB mount, it offloads the credential work to a userspace binary called cifs.upcall, which runs as root. To coordinate, the kernel builds a description string and requests a cifs.spnego-type key via the Linux keyring subsystem. The request-key daemon sees the key type, finds its rule, and fires cifs.upcall as root.

The critical oversight: the kernel never checked whether the description actually originated with it. Before the fix, the cifs_spnego_key_type definition had no .vet_description hook — the function that would have enforced ownership. Without it, any unprivileged process could call request_key("cifs.spnego", fake_description, ...) with fully attacker-crafted fields. The rootful helper launches regardless — and crucially, even if the kernel ultimately rejects the key. The exploit window opens the moment cifs.upcall starts, not when it succeeds.

From there, the chain is elegant. The attacker supplies a fake pid pointing to a process in their own mount namespace and sets upcall_target=app. The helper reads those fields as trusted kernel output and switches into the attacker's namespace. Before dropping privileges, it calls getpwuid() to look up the target UID — which goes through NSS (the Name Service Switch, Linux's mechanism for resolving users and groups). In the attacker's mount namespace, NSS can be configured to use a custom nsswitch.conf and a malicious shared library. That library runs inside the root helper, writes a permissive entry to sudoers.d, and the attacker has unrestricted root.

Who is affected

Full exploitation requires three conditions: a vulnerable kernel (any version since 2007), an affected cifs-utils version (6.14 or newer, or older versions that backported other CVE fixes), and the ability to create unprivileged user namespaces — a capability that is enabled by default across most modern desktop and server distributions.

By default, the exploit works immediately on Linux Mint 21.3 and 22.3, Kali Linux from 2021.4 through 2026.1, CentOS Stream 9, Rocky Linux 9, Debian 11 through 13, Ubuntu 18.04 through 22.04, AlmaLinux 9.7, and SLES 15 SP7. Fedora 40–44, CentOS Stream 10, Rocky Linux 10, and Ubuntu 26.04 are blocked by their default SELinux or AppArmor policies — but relaxing those policies re-enables the attack. Amazon Linux 2 and Kali Linux 2019/2020 ship with older cifs-utils versions that lack the namespace-switching code entirely, leaving them unaffected.

The fix and immediate mitigations

The kernel-side patch adds a .vet_description hook to cifs_spnego_key_type that returns -EPERM unless the requesting credential matches CIFS's internal spnego_cred. That single check breaks the exploit chain. The patch has been queued for stable kernels following a coordinated embargo on the linux-distros mailing list, which expired on May 27, 2026.

If patching immediately isn't possible, administrators can block the cifs kernel module from loading if SMB mounts aren't in use, remove cifs-utils if Kerberos-authenticated mounts aren't required, override the default cifs.spnego request-key rule to negate keys instead of launching the helper, or disable unprivileged user namespace creation entirely.
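As an added example (not the article's own code, nor anything shipped with cifs-utils), the POSIX shell helpers below generate the three mitigation fragments just described and audit whether the exploit's preconditions still hold on a host. The file paths (/etc/request-key.d/cifs.spnego.conf, /etc/modprobe.d, /etc/sysctl.d) and the keyctl negate rule syntax are assumed from the standard request-key and modprobe configuration formats.

```shell
#!/bin/sh
# Added example: helpers for the CIFSwitch mitigations. Nothing here writes to
# /etc; each function prints a config fragment or rewrites text from stdin so
# the result can be reviewed before it is installed.

# Constructed sample of the distro-shipped rule that launches the root helper.
SAMPLE_RULE='create cifs.spnego * * /usr/sbin/cifs.upcall %k'

# Mitigation 1: rewrite the cifs.spnego "create" rule so request-key negates the
# key (keyctl negate, 30 s timeout) instead of exec'ing cifs.upcall as root.
# Lines that are not the cifs.spnego create rule pass through unchanged. Usage:
#   negate_cifs_spnego_rule < /etc/request-key.d/cifs.spnego.conf > /tmp/cifs.spnego.conf.new
negate_cifs_spnego_rule() {
  sed -E 's#^(create[[:space:]]+cifs\.spnego[[:space:]]+[^[:space:]]+[[:space:]]+[^[:space:]]+)[[:space:]]+.*$#\1 /bin/keyctl negate %k 30 %S#'
}

# Mitigation 2: modprobe.d fragment that refuses to load the cifs module
# (for hosts that do not use SMB mounts at all).
cifs_modprobe_block() {
  printf 'install cifs /bin/false\n'
}

# Mitigation 3: sysctl.d fragment that disables unprivileged user namespaces.
# user.max_user_namespaces is the mainline knob; Debian/Ubuntu kernels also
# accept kernel.unprivileged_userns_clone=0.
userns_sysctl_fragment() {
  printf 'user.max_user_namespaces = 0\n'
}

# Audit: report which exploit preconditions still hold on this host.
# Returns 0 when none of them hold, 1 otherwise.
audit_cifswitch_preconditions() {
  rc=0
  if lsmod 2>/dev/null | grep -q '^cifs[[:space:]]'; then
    echo "cifs module is loaded"; rc=1
  fi
  if [ -x /usr/sbin/cifs.upcall ]; then
    echo "cifs.upcall helper is installed"; rc=1
  fi
  if grep -qs 'cifs\.upcall' /etc/request-key.d/cifs.spnego.conf /etc/request-key.conf; then
    echo "request-key still launches cifs.upcall for cifs.spnego keys"; rc=1
  fi
  if [ -r /proc/sys/user/max_user_namespaces ] &&
     [ "$(cat /proc/sys/user/max_user_namespaces)" -gt 0 ]; then
    echo "unprivileged user namespaces are available"; rc=1
  fi
  return "$rc"
}
```

Run audit_cifswitch_preconditions as root after applying the fragments; a zero exit status means none of the three conditions the article lists remain in place.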

Why this one is different

The researcher behind CIFSwitch, Asim Manizada, found the bug not by manually auditing code, but by directing LLM agents equipped with a semantic graph traversal tool — one that maps security-relevant kernel objects, their consumers, and where assumptions between creation time and consumption time can drift. The approach let the model reason cleanly across the kernel/userspace boundary in a way traditional static analysis tools struggle with at higher abstraction levels.

What makes the finding stand out isn't the primitives — none of them are novel individually. It's that the chain involves no memory corruption, no race condition, and no exotic kernel feature. It is a pure logic bug, quietly composing three independently benign design decisions into a local root that has apparently gone unnoticed for nearly two decades. That's the kind of vulnerability that tends to be everywhere once you know what to look for.

The proof-of-concept is now public. Check your distribution's security channel and apply patches or mitigations without delay.