USN-7582-1: Samba vulnerabilities

Publication date

19 June 2025

Overview

Several security issues were fixed in Samba.


Packages

  • samba - SMB/CIFS file, print, and login server for Unix

Details

Evgeny Legerov discovered that Samba incorrectly handled buffers in
certain GSSAPI routines of Heimdal. A remote attacker could possibly use
this issue to cause Samba to crash, resulting in a denial of service.
(CVE-2022-3437)

Greg Hudson discovered that Samba incorrectly handled PAC parsing. On
32-bit systems, a remote attacker could use this issue to escalate
privileges, or possibly execute arbitrary code. (CVE-2022-42898)

Joseph Sutton discovered that Samba could be forced to issue rc4-hmac
encrypted Kerberos tickets. A remote attacker could possibly use this issue
to escalate privileges. This issue only affected Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2022-45141)

Florent Saudel discovered that Samba incorrectly handled certain Spotlight
requests. A remote attacker could possibly use this issue to cause Samba to
consume resources, leading to a denial of service. (CVE-2023-34966)


Update instructions

In general, a standard system update will make all the necessary changes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release   Package   Version
18.04 bionic     samba     2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm1
16.04 xenial     samba     2:4.3.11+dfsg-0ubuntu0.16.04.34+esm2
14.04 trusty     samba     2:4.3.11+dfsg-0ubuntu0.14.04.20+esm13
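As an added example, not part of the notice or of Ubuntu's own tooling, the following Python script checks an installed samba version against the fixed versions listed above. It ports dpkg's version-ordering rules (epoch, then upstream, then Debian revision, with `~` sorting before everything including the end of the string) so the check gives the same answer as `dpkg --compare-versions` on any release this notice covers.

```python
import re
from itertools import zip_longest

# Fixed samba versions from USN-7582-1, keyed by Ubuntu codename.
FIXED_VERSIONS = {
    "bionic": "2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm1",
    "xenial": "2:4.3.11+dfsg-0ubuntu0.16.04.34+esm2",
    "trusty": "2:4.3.11+dfsg-0ubuntu0.14.04.20+esm13",
}

def _order(c: str) -> int:
    """Character weight in a non-digit run, as in dpkg: '~' < end < letters < other."""
    if c == "":
        return 0
    if c.isalpha():
        return ord(c)
    return -1 if c == "~" else ord(c) + 256

def _verrevcmp(a: str, b: str) -> int:
    """Compare two upstream or revision strings the way dpkg's verrevcmp() does."""
    for (sa, na), (sb, nb) in zip_longest(re.findall(r"(\D*)(\d*)", a),
                                          re.findall(r"(\D*)(\d*)", b),
                                          fillvalue=("", "")):
        for ca, cb in zip_longest(sa, sb, fillvalue=""):  # non-digit run, char by char
            if _order(ca) != _order(cb):
                return _order(ca) - _order(cb)
        if int(na or 0) != int(nb or 0):  # numeric run, leading zeros insignificant
            return int(na or 0) - int(nb or 0)
    return 0

def _split(version: str):
    """Split 'epoch:upstream-revision' into (epoch, upstream, revision)."""
    epoch, sep, rest = version.partition(":")
    epoch, rest = (int(epoch), rest) if sep else (0, version)
    upstream, sep, revision = rest.rpartition("-")
    return (epoch, upstream, revision) if sep else (epoch, rest, "")

def compare_versions(v1: str, v2: str) -> int:
    """Negative, zero or positive, like `dpkg --compare-versions` lt/eq/gt."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    return (e1 - e2) or _verrevcmp(u1, u2) or _verrevcmp(r1, r2)

def is_patched(codename: str, installed: str) -> bool:
    """True when the installed samba version is at or above the USN-7582-1 fix."""
    if codename not in FIXED_VERSIONS:
        raise ValueError(f"USN-7582-1 lists no samba fix for {codename!r}")
    return compare_versions(installed, FIXED_VERSIONS[codename]) >= 0
```

On a live host, feed `is_patched` the output of `lsb_release -cs` and `dpkg-query -W -f='${Version}' samba`; `dpkg --compare-versions` remains the authoritative comparison if the two ever disagree.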