Fedora 41 Samba Critical Update for CVE-2025-9640 and CVE-2025-10230
fedora
October 23, 2025
Security fix for CVE-2025-9640 and CVE-2025-10230
Summary
Samba is the standard Windows interoperability suite of programs for Linux and
Unix.
Update Information:
Security fix for CVE-2025-9640 and CVE-2025-10230
Topics Covered
Change Log
* Fri Oct 17 2025 Gnther Deschner
References
[ 1 ] Bug #2391698 - CVE-2025-9640 samba: vfs_streams_xattr uninitialized memory write possible
https://bugzilla.redhat.com/show_bug.cgi?id=2391698
[ 2 ] Bug #2394377 - CVE-2025-10230 samba: Command Injection in WINS Server Hook Script
https://bugzilla.redhat.com/show_bug.cgi?id=2394377
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-c0830ff9f4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: samba
Product: Fedora 41
Version: 4.21.9
Release: 1.fc41
URL:
Summary: Server and Client software to interoperate with Windows machines
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!