Multiple vulnerabilies has been found and corrected in samba: client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the device name and mountpoint strings are composed of valid characters, which allows local users to cause a denial of service via a crafted string . client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file . The updated packages have been patched to correct these issues.