CVE-2025-12801 MEDIUM

CVE-2025-12801: Nfs-utils: rpc.mountd in the nfs-utils privilege escalation

Vendor Red Hat
Product Red Hat Enterprise Linux 6
Weakness CWE-279
Published March 4, 2026
Last update June 29, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01 Description

A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux that allows an NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions and regardless of any 'root_squash' or 'all_squash' attributes that would normally be expected to apply to that client.

Key dates

02 Disclosure timeline

March 4, 2026 CVE published
June 29, 2026 Record updated