Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 42: Advisory for Samba CVE-2025-10230 Critical Command Injection

fedora
Calendar Grey November 3, 2025
Dist Fedora Esm H88
Samba 4.22.6 update for Fedora 42 addresses critical CVE-2025-9640 and CVE-2025-10230 security issues. Update recommended.
Update to Samba 4.22.6 - Security fix for CVE-2025-9640 and CVE-2025-10230

Summary

Samba is the standard Windows interoperability suite of programs for Linux and

Unix.

Update Information:

Update to Samba 4.22.6 - Security fix for CVE-2025-9640 and CVE-2025-10230

Topics%20covered

Topics Covered

security advisory fedora critical samba command injection memory exploit

Change Log

* Fri Oct 17 2025 Gnther Deschner - 2:4.22.6-1 - Update to Samba 4.22.6 * Fri Oct 17 2025 Gnther Deschner - 2:4.22.5-1 - Update to Samba 4.22.5 - resolves: rhbz#2391698 - Security fix for CVE-2025-9640 - resolves: rhbz#2394377 - Security fix for CVE-2025-10230

References


[ 1 ] Bug #2391698 - CVE-2025-9640 samba: vfs_streams_xattr uninitialized memory write possible https://bugzilla.redhat.com/show_bug.cgi?id=2391698 [ 2 ] Bug #2394377 - CVE-2025-10230 samba: Command Injection in WINS Server Hook Script https://bugzilla.redhat.com/show_bug.cgi?id=2394377

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-7d890563f6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: samba
Product: Fedora 42
Version: 4.22.6
Release: 1.fc42
URL:
Summary: Server and Client software to interoperate with Windows machines

Topics%20covered

Topics Covered

security advisory fedora critical samba command injection memory exploit

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here