Alerts This Week
Warning Icon 1 938
Alerts This Week
Warning Icon 1 938

Fedora 43 FreeIPA Critical Samba RCE CVEs 2026-FC81581A79

fedora
Calendar Grey June 5, 2026
Dist Fedora Esm H88
Samba 4.23.8 update includes critical security fixes for multiple CVEs in Fedora 43 related to remote code execution.
Update to Samba 4.23.8 - Security fix for CVE-2026-4480, CVE-2026-2340, CVE-2026-3012, CVE-2026-1933, CVE-2026-4408, and CVE-2026-3238

Summary

IPA is an integrated solution to provide centrally managed Identity (users,

hosts, services), Authentication (SSO, 2FA), and Authorization

(host access control, SELinux user roles, services). The solution provides

features for further integration with Linux based clients (SUDO, automount)

and integration with Active Directory based infrastructures (Trusts).

Update Information:

Update to Samba 4.23.8 - Security fix for CVE-2026-4480, CVE-2026-2340, CVE-2026-3012, CVE-2026-1933, CVE-2026-4408, and CVE-2026-3238

Topics%20covered

Topics Covered

security advisory fedora critical remote code execution samba identity management

Change Log

* Fri May 29 2026 Alexander Bokovoy - 4.13.1-7 - Rebuild against Samba 4.23.8

References


[ 1 ] Bug #2481447 - CVE-2026-4480 samba: Samba: Remote Code Execution in printing subsystem via unescaped job description [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2481447 [ 2 ] Bug #2481857 - CVE-2026-3012 samba: group policy certificate enrollment uses http:// without validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2481857 [ 3 ] Bug #2481875 - CVE-2026-2340 samba: vfs_worm does not block directory modification [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2481875 [ 4 ] Bug #2481876 - CVE-2026-1933 samba: Missing access check on reparse point operations [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2481876

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fc81581a79' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: freeipa
Product: Fedora 43
Version: 4.13.1
Release: 7.fc43
URL: http://www.freeipa.org/
Summary: The Identity, Policy and Audit system

Topics%20covered

Topics Covered

security advisory fedora critical remote code execution samba identity management

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here