Packages
- samba - SMB/CIFS file, print, and login server for Unix
Details
Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access
checks on reparse point operations. An attacker could possibly use this
issue to modify reparse point extended attributes on files that should have
been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.
(CVE-2026-1933)
Pavel Kohout discovered that Samba's vfs_worm module did not properly block
file overwrites. An attacker could possibly use this issue to overwrite
files that should have remained immutable. (CVE-2026-2340)
Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly
handled certificate auto-enrolment group policies over HTTP without
verification. A machine-in-the-middle attacker could possibly use this
issue to install a malicious CA certificate. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (
Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access
checks on reparse point operations. An attacker could possibly use this
issue to modify reparse point extended attributes on files that should have
been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.
(CVE-2026-1933)
Pavel Kohout discovered that Samba's vfs_worm module did not properly block
file overwrites. An attacker could possibly use this issue to overwrite
files that should have remained immutable. (CVE-2026-2340)
Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly
handled certificate auto-enrolment group policies over HTTP without
verification. A machine-in-the-middle attacker could possibly use this
issue to install a malicious CA certificate. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012)
Arad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that
Samba's Active Directory Domain Controller WINS server could be made to
crash under certain circumstances. A remote attacker could possibly use
this issue to cause a denial of service. (CVE-2026-3238)
Ron Ben Yizhak discovered that Samba's DCE/RPC SAMR server incorrectly
handled a non-default password check script configuration. A remote
attacker could possibly use this issue to execute arbitrary code.
(CVE-2026-4408)
Ron Ben Yizhak discovered that Samba's printing subsystem incorrectly
handled a non-default print command configuration. A remote attacker could
possibly use this issue to execute arbitrary code. (CVE-2026-4480)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 26.04 LTS resolute | samba – 2:4.23.6+dfsg-1ubuntu2.1 | ||
| 25.10 questing | samba – 2:4.22.3+dfsg-4ubuntu2.4 | ||
| 24.04 LTS noble | samba – 2:4.19.5+dfsg-4ubuntu9.6 | ||
| 22.04 LTS jammy | samba – 2:4.15.13+dfsg-0ubuntu1.12 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.