SB2026010201 - Multiple vulnerabilities in KDE smb4k
Published: January 2, 2026 Updated: January 12, 2026
Description
This security bulletin contains information about 2 security vulnerabilities.
1) Input validation error (CVE-ID: CVE-2025-66002)
The vulnerability allows a local user to perform arbitrary unmounts.
The vulnerability exists due to insufficient validation of user-supplied input within the Smb4KMountHelper::unmount() function in smb4kmounthelper.cpp. A local user can unmount an arbitrary file system and perform a denial of service attack.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2025-66003)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists because the application allows arbitrary mounts to be created within the Smb4KMountHelper::mount() function in smb4kmounthelper.cpp. A local user with the ability to control the content of a Samba network share can mount it over an existing local directory (e.g. /bin) and execute arbitrary code with root privileges.
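Both descriptions concern a mount helper that acts on a path supplied by the local user. The following is an added example, not smb4k's code or the vendor's patch: a target check such a helper could apply, assuming a hypothetical policy that mounts are only allowed below a per-user prefix (the function names, the prefix and the sample mount table are constructed for illustration).

```cpp
#include <iostream>
#include <sstream>
#include <string>

// Constructed sample in /proc/self/mounts format: device, mountpoint, fstype, options, dump, pass.
static const char *kSampleMounts =
    "/dev/sda2 / ext4 rw,relatime 0 0\n"
    "tmpfs /tmp tmpfs rw,nosuid,nodev 0 0\n"
    "//fileserver/share /home/alice/smb4k/share cifs rw,nosuid,nodev 0 0\n";

// True if `path` is absolute, has no empty, "." or ".." component, and lies strictly
// below `base` (no trailing slash). String check only: a real helper must also
// resolve symlinks before comparing.
bool is_below(const std::string &path, const std::string &base) {
    if (path.empty() || path[0] != '/') return false;
    std::istringstream parts(path.substr(1));
    std::string part;
    while (std::getline(parts, part, '/'))
        if (part.empty() || part == "." || part == "..") return false;
    return path.size() > base.size() + 1 &&
           path.compare(0, base.size(), base) == 0 && path[base.size()] == '/';
}

// Mount check (assumed policy): refuse any target outside the caller's prefix, e.g. /bin.
bool may_mount(const std::string &target, const std::string &prefix) {
    return is_below(target, prefix);
}

// Unmount check: target must be inside the prefix AND the topmost file system mounted
// there must be an SMB one (kernel fstype "cifs" or "smb3").
bool may_unmount(const std::string &mounts, const std::string &target,
                 const std::string &prefix) {
    if (!is_below(target, prefix)) return false;
    std::istringstream table(mounts);
    std::string line, fstype;
    while (std::getline(table, line)) {
        std::istringstream fields(line);
        std::string dev, mnt, type;
        if (fields >> dev >> mnt >> type && mnt == target) fstype = type;  // last entry wins
    }
    return fstype == "cifs" || fstype == "smb3";
}

int main() {
    const std::string prefix = "/home/alice/smb4k";  // hypothetical per-user mount prefix
    std::cout << "mount /bin: " << may_mount("/bin", prefix) << "\n";
    std::cout << "unmount /tmp: " << may_unmount(kSampleMounts, "/tmp", prefix) << "\n";
    std::cout << "unmount share: "
              << may_unmount(kSampleMounts, "/home/alice/smb4k/share", prefix) << "\n";
}
```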
Remediation
Install the update from the vendor's website.