Description:
An information leak vulnerability was discovered in Samba's LDAP server.
Due to missing access control checks, an authenticated but unprivileged
attacker could discover the names and preserved attributes of deleted
objects in the LDAP store. (CVE-2018-14628)
Command injection in wins server hook script. (CVE-2025-10230)
vfs_streams_xattr uninitialized memory write possible. (CVE-2025-9640)
- https://bugs.mageia.org/show_bug.cgi?id=34672
- https://www.openwall.com/lists/oss-security/2025/10/15/2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14628
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10230
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9640
- 9/core/samba-4.17.12-1.2.mga9
Get the latest Linux and open source security news straight to your inbox.