A 19-year-old local privilege escalation in the Linux kernel CIFS subsystem (CIFSwitch) allows any unprivileged user to gain root on systems with cifs-utils installed and user namespaces enabled. A public proof-of-concept is available, no CVE has been assigned, and patches are in community testing as of 2026-05-28. Affected distributions include CentOS Stream 9, Rocky Linux 9, AlmaLinux 9, and SLES 15 SP7.