An update for nfs-utils is now available for openEuler-22.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-2599 Final 1.0 1.0 2026-06-05 Initial 2026-06-05 2026-06-05 openEuler SA Tool V1.0 2026-06-05 nfs-utils security update An update for nfs-utils is now available for openEuler-22.03-LTS-SP4 This is he nfs-utils tools package. It contains the showmount,mount.nfs,umount.nfs and libnfsidmap Security Fix(es): A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions, and regardless of any 'root_squash' or 'all_squash' attributes that would normally be expected to apply to that client.(CVE-2025-12801) An update for nfs-utils is now available for openEuler-22.03-LTS-SP4. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium nfs-utils https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2599 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-12801 https://nvd.nist.gov/vuln/detail/CVE-2025-12801 openEuler-22.03-LTS-SP4 libnfsidmap-2.5.4-18.oe2203sp4.aarch64.rpm nfs-utils-2.5.4-18.oe2203sp4.aarch64.rpm nfs-utils-debuginfo-2.5.4-18.oe2203sp4.aarch64.rpm nfs-utils-debugsource-2.5.4-18.oe2203sp4.aarch64.rpm nfs-utils-devel-2.5.4-18.oe2203sp4.aarch64.rpm nfs-utils-help-2.5.4-18.oe2203sp4.aarch64.rpm nfs-utils-min-2.5.4-18.oe2203sp4.aarch64.rpm libnfsidmap-2.5.4-18.oe2203sp4.x86_64.rpm nfs-utils-2.5.4-18.oe2203sp4.x86_64.rpm nfs-utils-debuginfo-2.5.4-18.oe2203sp4.x86_64.rpm nfs-utils-debugsource-2.5.4-18.oe2203sp4.x86_64.rpm nfs-utils-devel-2.5.4-18.oe2203sp4.x86_64.rpm nfs-utils-help-2.5.4-18.oe2203sp4.x86_64.rpm nfs-utils-min-2.5.4-18.oe2203sp4.x86_64.rpm nfs-utils-2.5.4-18.oe2203sp4.src.rpm A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions, and regardless of any 'root_squash' or 'all_squash' attributes that would normally be expected to apply to that client. 2026-06-05 CVE-2025-12801 openEuler-22.03-LTS-SP4 Medium 6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N nfs-utils security update 2026-06-05 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2599