Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Mageia 9 Samba Security Advisory 2026-0142 CVE-2018-14628 and more

mageia
Calendar Grey May 16, 2026
Dist Mageia Esm H88
Mageia security advisory 2026-0142 highlights Samba package vulnerabilities and provides fixes for critical issues.
MGASA-2026-0142 - Updated samba packages fix security vulnerabilities

Summary

Description: An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. (CVE-2018-14628) Command injection in wins server hook script. (CVE-2025-10230) vfs_streams_xattr uninitialized memory write possible. (CVE-2025-9640)

References

- https://bugs.mageia.org/show_bug.cgi?id=34672

- https://www.openwall.com/lists/oss-security/2025/10/15/2

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14628

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10230

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9640

Resolution

SRPMS

- 9/core/samba-4.17.12-1.2.mga9

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 16 May 2026
URL: https://advisories.mageia.org/MGASA-2026-0142.html
Type: security
CVE: CVE-2018-14628, CVE-2025-10230, CVE-2025-9640

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here