VYPR

rpm package

suse/samba&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS

Vulnerabilities (2)

  • CVE-2025-10230CriNov 7, 2025
    affected < 4.17.12+git.510.0efaadf376b-150500.3.34.1fixed 4.17.12+git.510.0efaadf376b-150500.3.34.1

    A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the

  • CVE-2025-9640MedOct 15, 2025
    affected < 4.17.12+git.510.0efaadf376b-150500.3.34.1fixed 4.17.12+git.510.0efaadf376b-150500.3.34.1

    A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vuln