Ubuntu 26.04 LTS Samba Critical Update Denial of Service USN-8306-1

ubuntu

May 26, 2026

Several security issues were fixed in Samba.

Summary

Several security issues were fixed in Samba.

Software Description:

- samba: SMB/CIFS file, print, and login server for Unix

Details:

Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access

checks on reparse point operations. An attacker could possibly use this

issue to modify reparse point extended attributes on files that should have

been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS.

(CVE-2026-1933)

Pavel Kohout discovered that Samba's vfs_worm module did not properly block

file overwrites. An attacker could possibly use this issue to overwrite

files that should have remained immutable. (CVE-2026-2340)

Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly

handled certificate auto-enrolment group policies over HTTP without

verification. A machine-in-the-middle attacker could possibly use this

issue to install a malicious CA certificate. This issue only affected

Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS...

Read the Full Advisory

Topics Covered

security advisory denial of service certificate management arbitrary code execution samba Ubuntu

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  samba                           2:4.23.6+dfsg-1ubuntu2.1

Ubuntu 25.10
  samba                           2:4.22.3+dfsg-4ubuntu2.4

Ubuntu 24.04 LTS
  samba                           2:4.19.5+dfsg-4ubuntu9.6

Ubuntu 22.04 LTS
  samba                           2:4.15.13+dfsg-0ubuntu1.12

In general, a standard system update will make all the necessary changes.