Home / mailings [USN-8306-2] Samba vulnerabilities
Posted on 10 June 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8306-2
June 10, 2026
samba vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-8306-1 fixed vulnerabilities in Samba. This update provides the
corresponding updates for CVE-2026-3238, CVE-2026-4408, and
CVE-2026-4480 in Ubuntu 20.04 LTS.
Original advisory details:
Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access
checks on reparse point operations. An attacker could possibly use this
issue to modify reparse point extended attributes on files that should
have been read-only. This issue only affected Ubuntu 25.10 and Ubuntu
26.04 LTS. (CVE-2026-1933)
Pavel Kohout discovered that Samba's vfs_worm module did not properly
block file overwrites. An attacker could possibly use this issue to
overwrite files that should have remained immutable. (CVE-2026-2340)
Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly
handled certificate auto-enrolment group policies over HTTP without
verification. A machine-in-the-middle attacker could possibly use this
issue to install a malicious CA certificate. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012)
Arad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that
Samba's Active Directory Domain Controller WINS server could be made to
crash under certain circumstances. A remote attacker could possibly use
this issue to cause a denial of service. (CVE-2026-3238)
Ron Ben Yizhak discovered that Samba's DCE/RPC SAMR server incorrectly
handled a non-default password check script configuration. A remote
attacker could possibly use this issue to execute arbitrary code.
(CVE-2026-4408)
Ron Ben Yizhak discovered that Samba's printing subsystem incorrectly
handled a non-default print command configuration. A remote attacker could
possibly use this issue to execute arbitrary code. (CVE-2026-4480)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
ctdb 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libnss-winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libpam-winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libsmbclient 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libsmbclient-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libwbclient-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libwbclient0 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
python3-samba 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
registry-tools 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-common 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-common-bin 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-dsdb-modules 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-libs 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-vfs-modules 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
smbclient 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8306-2
https://ubuntu.com/security/notices/USN-8306-1
CVE-2026-3238, CVE-2026-4408, CVE-2026-4480
--===============9222128775149525223==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
