OESA-2026-2577 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: '-------- Forwarded Message --------', 'Date: Tue, 26 May 2026 14:29:50 +0200', 'Reply-To: Stefan Metzmacher metze samba org', 'Release Announcements\n---------------------\n\nThis is a security release ...

Critical: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2026:22963 Critical: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Missing access check on reparse point operations...

Security update for samba

This update for samba fixes the following issues CVE-2026-2340: vfsworm does not block directory modification bsc1261158. CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160. CVE-2026-4408: Remote Code Execution in SAMR bsc1261163. CVE-2026-4480: Unauthenticated Remote...

SUSE-SU-2026:2108-1 Security update for samba

This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server bsc1261160. - CVE-2026-4408: Remote Code Execution in SAMR bsc1261163. - CVE-2026-4480: Unauthenticated...

SUSE-SU-2026:2076-1 Security update for samba

This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on reparse point operations bsc1261188. - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3012: group policy certificate enrollment uses http: // without...

SUSE-SU-2026:2074-1 Security update for samba

This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3012: group policy certificate enrollment uses http: // without validation bsc1261159. - CVE-2026-3238: unauthenticated udp packet crashes AD DC nbt server...

Denial of service against AD DC WINS server

Description The Windows Internet Naming Service 1 is an unauthenticated service for registering and looking up names in a NetBIOS network running on TCP and UDP 2. The protocol handlers for the RELEASE and MULTIHOMEREG packets in the WINS server running when Samba is configured as an Active...

Astra Linux – Vulnerability in cifs-utils

It was discovered that cifs-utils’ mount.cifs function invoked a shell when requesting the Samba password, which could be exploited to inject arbitrary commands. An attacker who had special permissions, such as those through sudo rules, could use this vulnerability to escalate their privileges...

EUVD-2026-26513

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use checkaddoverflow to prevent u16 DACL size overflow setposixaclentriesdacl and setntacldacl accumulate ACE sizes in u16 variables. When a file has many POSIX ACL entries, the accumulated size can wrap past 65535, causin...

OESA-2025-2539 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A vulnerability has been found in Samba File Transfer Software the affected version is unknown and classified as critical.The CWE definition for the vulnerability is CWE-77. The product constructs all or...

OESA-2025-2511 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A vulnerability has been found in Samba File Transfer Software the affected version is unknown and classified as critical.The CWE definition for the vulnerability is CWE-77. The product constructs all or...

[SECURITY] Fedora 41 Update: samba-4.21.9-1.fc41

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

[slackware-security] samba

New samba packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/samba-4.22.5-i586-1slack15.0.txz: Upgraded. This is a security release in order to address the following defects: Uninitialized memory disclosure...

EUVD-2018-11710

Malware in sbrugna...

EUVD-2006-1063

Malware in sbrugna...

EUVD-2017-18394

Malware in sbrugna...

EUVD-2018-6534

Malware in sbrugna...

EUVD-2023-54034

Malicious code in bioql PyPI...

Samba 4.21.x < 4.21.6 / 4.22.x < 4.22.2 Security Bypass Vulnerability

The version of Samba installed on the remote host is 4.21.x prior to 4.21.6, or 4.22.x prior to 4.22.2. It is, therefore, affected by a security bypass vulnerability. A flaw exists with smbd when using Kerberos authentication with smb, due to using the cached user group permissions when...