usn-8306-1
Vulnerability from osv_ubuntu
Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access checks on reparse point operations. An attacker could possibly use this issue to modify reparse point extended attributes on files that should have been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-1933)
Pavel Kohout discovered that Samba's vfs_worm module did not properly block file overwrites. An attacker could possibly use this issue to overwrite files that should have remained immutable. (CVE-2026-2340)
Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly handled certificate auto-enrolment group policies over HTTP without verification. A machine-in-the-middle attacker could possibly use this issue to install a malicious CA certificate. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012)
Arad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that Samba's Active Directory Domain Controller WINS server could be made to crash under certain circumstances. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2026-3238)
Ron Ben Yizhak discovered that Samba's DCE/RPC SAMR server incorrectly handled a non-default password check script configuration. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2026-4408)
Ron Ben Yizhak discovered that Samba's printing subsystem incorrectly handled a non-default print command configuration. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2026-4480)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2026-2340",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-3238",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-4408",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-4480",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ctdb",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "libnss-winbind",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "libpam-winbind",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "libsmbclient",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "libwbclient0",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "python3-samba",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "registry-tools",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "samba",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "samba-common",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "samba-common-bin",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "samba-dsdb-modules",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "samba-libs",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "samba-testsuite",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "samba-vfs-modules",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "smbclient",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
},
{
"binary_name": "winbind",
"binary_version": "2:4.15.13+dfsg-0ubuntu1.12"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "samba",
"purl": "pkg:deb/ubuntu/samba@2:4.15.13+dfsg-0ubuntu1.12?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.15.13+dfsg-0ubuntu1.12"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2:4.13.5+dfsg-2ubuntu2",
"2:4.13.5+dfsg-2ubuntu3",
"2:4.13.14+dfsg-0ubuntu1",
"2:4.13.14+dfsg-0ubuntu2",
"2:4.15.5~dfsg-0ubuntu1",
"2:4.15.5~dfsg-0ubuntu2",
"2:4.15.5~dfsg-0ubuntu4",
"2:4.15.5~dfsg-0ubuntu5",
"2:4.15.5~dfsg-0ubuntu5.1",
"2:4.15.9+dfsg-0ubuntu0.2",
"2:4.15.9+dfsg-0ubuntu0.3",
"2:4.15.13+dfsg-0ubuntu1",
"2:4.15.13+dfsg-0ubuntu1.1",
"2:4.15.13+dfsg-0ubuntu1.2",
"2:4.15.13+dfsg-0ubuntu1.3",
"2:4.15.13+dfsg-0ubuntu1.4",
"2:4.15.13+dfsg-0ubuntu1.5",
"2:4.15.13+dfsg-0ubuntu1.6",
"2:4.15.13+dfsg-0ubuntu1.7",
"2:4.15.13+dfsg-0ubuntu1.8",
"2:4.15.13+dfsg-0ubuntu1.9",
"2:4.15.13+dfsg-0ubuntu1.10"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2026-2340",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-3012",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-3238",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-4408",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-4480",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:24.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ctdb",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "ldb-tools",
"binary_version": "2:2.8.0+samba4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "libldb2",
"binary_version": "2:2.8.0+samba4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "libnss-winbind",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "libpam-winbind",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "libsmbclient0",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "libwbclient0",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "python3-ldb",
"binary_version": "2:2.8.0+samba4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "python3-samba",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "registry-tools",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-ad-dc",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-ad-provision",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-common",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-common-bin",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-dsdb-modules",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-libs",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-testsuite",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-vfs-modules",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "samba-vfs-modules-extra",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "smbclient",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
},
{
"binary_name": "winbind",
"binary_version": "2:4.19.5+dfsg-4ubuntu9.6"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "samba",
"purl": "pkg:deb/ubuntu/samba@2:4.19.5+dfsg-4ubuntu9.6?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.19.5+dfsg-4ubuntu9.6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2:4.18.6+dfsg-1ubuntu2",
"2:4.18.6+dfsg-1ubuntu2.1",
"2:4.18.6+dfsg-1ubuntu2.2",
"2:4.19.4+dfsg-3ubuntu1",
"2:4.19.5+dfsg-1ubuntu1",
"2:4.19.5+dfsg-4ubuntu7",
"2:4.19.5+dfsg-4ubuntu8",
"2:4.19.5+dfsg-4ubuntu9",
"2:4.19.5+dfsg-4ubuntu9.2",
"2:4.19.5+dfsg-4ubuntu9.3",
"2:4.19.5+dfsg-4ubuntu9.4"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2026-1933",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-2340",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-3012",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-3238",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-4408",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-4480",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:25.10"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ctdb",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "ldb-tools",
"binary_version": "2:2.11.0+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "libldb2",
"binary_version": "2:2.11.0+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "libnss-winbind",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "libpam-winbind",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "libsmbclient0",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "libtalloc2",
"binary_version": "2:2.4.3+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "libtdb1",
"binary_version": "2:1.4.13+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "libtevent0t64",
"binary_version": "2:0.16.2+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "libwbclient0",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "python3-ldb",
"binary_version": "2:2.11.0+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "python3-samba",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "python3-talloc",
"binary_version": "2:2.4.3+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "python3-tdb",
"binary_version": "2:1.4.13+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "registry-tools",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-ad-dc",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-ad-provision",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-common",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-common-bin",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-dsdb-modules",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-libs",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-testsuite",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-vfs-ceph",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-vfs-glusterfs",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-vfs-modules",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "samba-vfs-modules-extra",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "smbclient",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "tdb-tools",
"binary_version": "2:1.4.13+samba4.22.3+dfsg-4ubuntu2.4"
},
{
"binary_name": "winbind",
"binary_version": "2:4.22.3+dfsg-4ubuntu2.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "samba",
"purl": "pkg:deb/ubuntu/samba@2:4.22.3+dfsg-4ubuntu2.4?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.22.3+dfsg-4ubuntu2.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2:4.21.4+dfsg-1ubuntu3",
"2:4.21.4+dfsg-1ubuntu4",
"2:4.21.4+dfsg-1ubuntu5",
"2:4.22.2+dfsg-1ubuntu1",
"2:4.22.3+dfsg-4ubuntu1",
"2:4.22.3+dfsg-4ubuntu2",
"2:4.22.3+dfsg-4ubuntu2.1",
"2:4.22.3+dfsg-4ubuntu2.2"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2026-1933",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-2340",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-3012",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-3238",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-4408",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2026-4480",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:26.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ctdb",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "ldb-tools",
"binary_version": "2:2.11.0+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "libldb2",
"binary_version": "2:2.11.0+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "libnss-winbind",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "libpam-winbind",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "libsmbclient0",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "libtalloc2",
"binary_version": "2:2.4.3+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "libtdb1",
"binary_version": "2:1.4.14+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "libtevent0t64",
"binary_version": "2:0.17.1+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "libwbclient0",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "python3-ldb",
"binary_version": "2:2.11.0+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "python3-samba",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "python3-talloc",
"binary_version": "2:2.4.3+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "python3-tdb",
"binary_version": "2:1.4.14+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "registry-tools",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-ad-dc",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-ad-provision",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-common",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-common-bin",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-dsdb-modules",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-libs",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-testsuite",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-vfs-ceph",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-vfs-glusterfs",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-vfs-modules",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "samba-vfs-modules-extra",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "smbclient",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "tdb-tools",
"binary_version": "2:1.4.14+samba4.23.6+dfsg-1ubuntu2.1"
},
{
"binary_name": "winbind",
"binary_version": "2:4.23.6+dfsg-1ubuntu2.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "samba",
"purl": "pkg:deb/ubuntu/samba@2:4.23.6+dfsg-1ubuntu2.1?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:4.23.6+dfsg-1ubuntu2.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2:4.22.3+dfsg-4ubuntu2",
"2:4.22.3+dfsg-4ubuntu2.1",
"2:4.22.3+dfsg-4ubuntu3",
"2:4.22.3+dfsg-4ubuntu4",
"2:4.23.4+dfsg-1ubuntu1",
"2:4.23.5+dfsg-1ubuntu2",
"2:4.23.6+dfsg-1ubuntu1",
"2:4.23.6+dfsg-1ubuntu2"
]
}
],
"aliases": [],
"details": "Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access\nchecks on reparse point operations. An attacker could possibly use this\nissue to modify reparse point extended attributes on files that should have\nbeen read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.\n(CVE-2026-1933)\n\nPavel Kohout discovered that Samba\u0027s vfs_worm module did not properly block\nfile overwrites. An attacker could possibly use this issue to overwrite\nfiles that should have remained immutable. (CVE-2026-2340)\n\nArad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly\nhandled certificate auto-enrolment group policies over HTTP without\nverification. A machine-in-the-middle attacker could possibly use this\nissue to install a malicious CA certificate. This issue only affected\nUbuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012)\n\nArad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that\nSamba\u0027s Active Directory Domain Controller WINS server could be made to\ncrash under certain circumstances. A remote attacker could possibly use\nthis issue to cause a denial of service. (CVE-2026-3238)\n\nRon Ben Yizhak discovered that Samba\u0027s DCE/RPC SAMR server incorrectly\nhandled a non-default password check script configuration. A remote\nattacker could possibly use this issue to execute arbitrary code.\n(CVE-2026-4408)\n\nRon Ben Yizhak discovered that Samba\u0027s printing subsystem incorrectly\nhandled a non-default print command configuration. A remote attacker could\npossibly use this issue to execute arbitrary code. (CVE-2026-4480)",
"id": "USN-8306-1",
"modified": "2026-06-09T19:00:59Z",
"published": "2026-05-26T13:32:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8306-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-1933"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-2340"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-3012"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-3238"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-4408"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-4480"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "samba vulnerabilities",
"upstream": [
"UBUNTU-CVE-2026-1933",
"UBUNTU-CVE-2026-2340",
"UBUNTU-CVE-2026-3012",
"UBUNTU-CVE-2026-3238",
"UBUNTU-CVE-2026-4408",
"UBUNTU-CVE-2026-4480"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.