A 19-year-old validation flaw in the CIFS kernel subsystem allows local attackers to gain root privileges through forged authentication requests and NSS library manipulation.