rpm package
suse/samba&distro=SUSE Linux Enterprise Micro 5.5
pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-10230 | Cri | 10.0 | | < 4.17.12+git.510.0efaadf376b-150500.3.34.1 | 4.17.12+git.510.0efaadf376b-150500.3.34.1 | Nov 7, 2025 | A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the |
| CVE-2025-9640 | Med | 4.3 | | < 4.17.12+git.510.0efaadf376b-150500.3.34.1 | 4.17.12+git.510.0efaadf376b-150500.3.34.1 | Oct 15, 2025 | A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vuln |
| CVE-2023-4154 | — | | | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 7, 2023 | A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, inc |
| CVE-2023-42669 | — | | | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 6, 2023 | A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with on |
| CVE-2023-3961 | — | | | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 3, 2023 | A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, whic |
| CVE-2023-42670 | — | | | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 3, 2023 | A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for |
| CVE-2023-4091 | — | | | < 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | 4.17.9+git.421.abde31ca5c2-150500.3.11.1 | Nov 3, 2023 | A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client reque |