https://bugzilla.samba.org/show_bug.cgi?id=14442 --- Comment #7 from Marcus Meissner <meissner@xxxxxxx> --- Looks like a valid CVE scenario. (untrusted users might be asked to input their smb sharwe username which is then passed unfiltered into this kind of mount.cifs construct) additionaly to the proposed fixes, perhaps also check for valid characters and abort if you encounter an invalid one. -- You are receiving this mail because: You are the QA Contact for the bug.