Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Critical Security Fix for Red Hat's NFS Utilities
RHSA-2026:3938
Summary
Red Hat's NFS utilities have a security flaw that could allow an attacker to access sensitive data on your network. This affects Red Hat Enterprise Linux users who rely on NFS for file sharing. To fix this issue, update your system to the latest version of nfs-utils.
What to do
- Update redhat libnfsidmap to version 1:2.3.3-68.el8_10.
- Update redhat libnfsidmap-debuginfo to version 1:2.3.3-68.el8_10.
- Update redhat libnfsidmap-devel to version 1:2.3.3-68.el8_10.
- Update redhat nfs-utils to version 1:2.3.3-68.el8_10.
- Update redhat nfs-utils-debuginfo to version 1:2.3.3-68.el8_10.
- Update redhat nfs-utils-debugsource to version 1:2.3.3-68.el8_10.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| redhat | libnfsidmap | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | libnfsidmap-debuginfo | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | libnfsidmap-devel | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | nfs-utils | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | nfs-utils-debuginfo | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | nfs-utils-debugsource | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | libnfsidmap | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | libnfsidmap-debuginfo | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | libnfsidmap-devel | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | nfs-utils | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | nfs-utils-debuginfo | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
| redhat | nfs-utils-debugsource | <= 1:2.3.3-68.el8_10 | 1:2.3.3-68.el8_10 |
Original title
Red Hat Security Advisory: nfs-utils security update
osv CVSS3.1
6.5
- https://access.redhat.com/errata/RHSA-2026:3938 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#moderate Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2413081 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3938.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2025-12801 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-12801 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-12801 Vendor Advisory
Published: 6 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026