Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Ubuntu 18.04 LTS USN-7582-1 critical: Samba denial of service escalation

Calendar Jun 19, 2025 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service privilege escalation samba important ubuntu
Several security issues were fixed in Samba. 
==========================================================================
Ubuntu Security Notice USN-7582-1
June 19, 2025

samba vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Samba.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

Evgeny Legerov discovered that Samba incorrectly handled buffers in
certain GSSAPI routines of Heimdal. A remote attacker could possibly use
this issue to cause Samba to crash, resulting in a denial of service.
(CVE-2022-3437)

Greg Hudson discovered that Samba incorrectly handled PAC parsing. On
32-bit systems, a remote attacker could use this issue to escalate
privileges, or possibly execute arbitrary code. (CVE-2022-42898)

Joseph Sutton discovered that Samba could be forced to issue rc4-hmac
encrypted Kerberos tickets. A remote attacker could possibly use this issue
to escalate privileges. This issue only affected Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2022-45141)

Florent Saudel discovered that Samba incorrectly handled certain Spotlight
requests. A remote attacker could possibly use this issue to cause Samba to
consume resources, leading to a denial of service. (CVE-2023-34966)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  samba                           2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  samba                           2:4.3.11+dfsg-0ubuntu0.16.04.34+esm2
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  samba                           2:4.3.11+dfsg-0ubuntu0.14.04.20+esm13
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7582-1
  CVE-2022-3437, CVE-2022-42898, CVE-2022-45141, CVE-2023-34966

Ubuntu 18.04 LTS USN-7582-1 critical: Samba denial of service escalation

ubuntu
Calendar Grey June 19, 2025
Dist Ubuntu Esm H88
Updates rectify several Samba vulnerabilities across different Ubuntu releases, reducing the threats of denial-of-service and privilege escalation.
Several security issues were fixed in Samba.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Samba. Software Description: - samba: SMB/CIFS file, print, and login server for Unix Details: Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2022-3437) Greg Hudson discovered that Samba incorrectly handled PAC parsing. On 32-bit systems, a remote attacker could use this issue to escalate privileges, or possibly execute arbitrary code. (CVE-2022-42898) Joseph Sutton discovered that Samba could be forced to issue rc4-hmac encrypted Kerberos tickets. A remote attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45141) Florent Saudel discovered that Samba ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service privilege escalation samba important ubuntu

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS samba 2:4.3.11+dfsg-0ubuntu0.16.04.34+esm2 Available with Ubuntu Pro Ubuntu 14.04 LTS samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm13 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7582-1

CVE-2022-3437, CVE-2022-42898, CVE-2022-45141, CVE-2023-34966

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7582-1

Topics%20covered

Topics Covered

security advisory denial of service privilege escalation samba important ubuntu

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here