All errata/p10/ALT-PU-2026-8758-2
ALT-PU-2026-8758-2

Package update samba in branch p10

Version4.19.9-alt12
Task#420262
Published2026-06-18
Max severityCRITICAL
Severity:

Closed issues (8)

BDU:2026-07316
CRITICAL10.0

Уязвимость функции check password script модуля DCE/RPC SAMR server пакета программ сетевого взаимодействия Samba, позволяющая нарушителю выполнить произвольный код

Published: 2026-05-26
CVSS 3.xCRITICAL 10.0
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2026-07317
CRITICAL10.0

Уязвимость подсистемы печати (printing subsystem) программ сетевого взаимодействия Samba, позволяющая нарушителю выполнить произвольный код

Published: 2026-05-26
CVSS 3.xCRITICAL 10.0
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2026-07422
HIGH8.0

Уязвимость компонента управления групповыми политиками (GPO) программного обеспечения Samba, позволяющая нарушителю обойти существующие ограничения безопасности

Published: 2026-05-27Modified: 2026-05-28
CVSS 3.xHIGH 8.0
CVSS:3.x/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
CVSS 2.0MEDIUM 6.2
CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:C/A:N
References
BDU:2026-07423
HIGH7.5

Уязвимость WINS-сервера программного обеспечения Samba, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2026-05-27
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.0HIGH 7.8
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C
References
CVE-2026-3012
MEDIUM6.8

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.

Published: 2026-05-27Modified: 2026-06-23
CVSS 3.xMEDIUM 6.8
CVSS:3.x/CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
References
CVE-2026-3238
HIGH7.5

A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the WINS service using specially crafted UDP packets.

Published: 2026-06-08Modified: 2026-06-17
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2026-4408
CRITICAL9.8

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execution on the affected system. This issue primarily affects non-standard configurations where the "check password script" is used with %u and the samba-dcerpcd service is started as a system service.

Published: 2026-05-28Modified: 2026-06-23
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
CVE-2026-4480
CRITICAL9.0

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could lead to remote code execution on the affected system.

Published: 2026-05-26Modified: 2026-06-23
CVSS 3.xCRITICAL 9.0
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
References