rpm package
suse/samba&distro=SUSE Linux Enterprise Module for Basesystem 15 SP6
pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-10230 | Cri | 10.0 | < 4.19.8+git.435.78ced6cf30d-150600.3.21.1 | 4.19.8+git.435.78ced6cf30d-150600.3.21.1 | Nov 7, 2025 | A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the | |
| CVE-2025-9640 | Med | 4.3 | < 4.19.8+git.435.78ced6cf30d-150600.3.21.1 | 4.19.8+git.435.78ced6cf30d-150600.3.21.1 | Oct 15, 2025 | A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vuln |
- affected < 4.19.8+git.435.78ced6cf30d-150600.3.21.1fixed 4.19.8+git.435.78ced6cf30d-150600.3.21.1
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the
- affected < 4.19.8+git.435.78ced6cf30d-150600.3.21.1fixed 4.19.8+git.435.78ced6cf30d-150600.3.21.1
A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vuln