Several security issues were fixed in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-8306-1 fixed vulnerabilities in Samba. This update provides the
corresponding updates for CVE-2026-3238, CVE-2026-4408, and
CVE-2026-4480 in Ubuntu 20.04 LTS.
Original advisory details:
Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access
checks on reparse point operations. An attacker could possibly use this
issue to modify reparse point extended attributes on files that should
have been read-only. This issue only affected Ubuntu 25.10 and Ubuntu
26.04 LTS. (CVE-2026-1933)
Pavel Kohout discovered that Samba's vfs_worm module did not properly
block file overwrites. An attacker could possibly use this issue to
overwrite files that should have remained immutable. (CVE-2026-2340)
Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly
handled certificate auto-enrolment group policies over HTTP...
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
ctdb 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libnss-winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libpam-winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libsmbclient 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libsmbclient-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libwbclient-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
libwbclient0 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
python3-samba 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
registry-tools 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-common 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-common-bin 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-dsdb-modules 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-libs 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
samba-vfs-modules 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
smbclient 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-8306-2
https://ubuntu.com/security/notices/USN-8306-1
CVE-2026-3238, CVE-2026-4408, CVE-2026-4480
Get the latest Linux and open source security news straight to your inbox.