PT-2026-36334

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, the functions set posix acl entries dacl and set ntacl dacl accumulate Access Control Entry ACE sizes using u16 variables. When a file contains numerous POSIX ACL...

[SECURITY] Fedora 42 Update: smb4k-4.0.6-1.fc42

Smb4K is an SMB/CIFS share browser for KDE. It uses the Samba software suite to access the SMB/CIFS shares of the local network neighborhood. Its purpose is to provide a program that's easy to use and has as many features as possible...

CVE-2025-69431

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

CVE-2025-69431

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

EUVD-2025-206719

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

CVE-2025-69431

The CVE-2025-69431 entry describes an issue in the ZSPACE Q2C NAS where incorrect symbolic link following can be exploited: an attacker formats a USB drive as ext4, creates a symbolic link to the drive’s root, inserts it into the NAS, and accesses the USB-mounted directory over Samba to obtain an...

CVE-2025-69431

The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Sam...

[ASA-202506-3] samba: access restriction bypass

Arch Linux Security Advisory ASA-202506-3 ========================================= Severity: Low Date : 2025-06-06 CVE-ID : CVE-2025-0620 Package : samba Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-2892 Summary ======= The package samba before version...

Linux Distros Unpatched Vulnerability : CVE-2023-0225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any...

CVE-2021-43039

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Samba file sharing service allowed anonymous read/write access...

USN-2855-1 samba vulnerabilities

Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. CVE-2015-322...

CVE-2015-5299

The shadowcopy2getshadowcopydata function in modules/vfsshadowcopy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORYLIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy...