Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 187 results


CVE-2023-5568

Low priority
Not affected

A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-42670

Medium priority
Fixed

A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Not affected Not affected Not affected
Show less packages

CVE-2023-42669

Medium priority

Some fixes available 6 of 9

A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-4154

Medium priority

Some fixes available 6 of 9

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-4091

Medium priority

Some fixes available 6 of 9

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-3961

Medium priority
Not affected

A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-34968

Medium priority

Some fixes available 7 of 10

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-34967

Medium priority
Fixed

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Not affected Not affected
Show less packages

CVE-2023-34966

Medium priority

Some fixes available 7 of 10

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2023-3347

Medium priority
Fixed

A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing...

1 affected packages

samba

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
samba Not affected Not affected Not affected Not affected
Show less packages