CVE-2025-9640 is an information-disclosure flaw in Samba's vfs_streams_xattr module, which is used for file serving, and it can expose uninitialized memory. The root cause is that the streams_xattr_pwrite() function does not properly initialize the memory it works with. An authenticated user can therefore send crafted write requests that leave holes in files stored on the affected Samba server, and the uninitialized memory behind those holes can be exposed. Samba does clear known secrets before the memory holding them is freed, but that is not a complete defence: by repeating such requests an attacker can still recover other discarded heap contents, which is why the issue is treated as serious.
CVE-2025-10230 is a separate critical issue that affects only Samba servers with WINS support enabled, a setting that is off by default. Samba runs the configured WINS hook program whenever a WINS name changes, but its WINS server does not validate the names it passes to that script. A client request can therefore register a name containing shell metacharacters or other injected content, and that content is interpreted when the hook runs, giving an attacker unauthorized command execution on the affected host.
Importantly, Samba servers configured as Active Directory domain controllers are not affected, because the domain controller does not use this WINS implementation. Installations that do not enable WINS support are likewise unaffected.
To stay protected, administrators should update their Samba installations promptly and apply the latest patches. The source code for the updated versions can be accessed via the provided link, and the tarballs are signed with GnuPG key ID AA99442FB680B620 so that their integrity can be verified before use.
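A defender's first question after reading the two advisories is whether a given server is exposed at all. The script below is an added example, not code from the Samba project or from the article: it audits an smb.conf for the two conditions the text describes (WINS support enabled with a wins hook set, and the streams_xattr VFS module loaded) and checks a version string against the fixed releases named in the article. The sample configuration is constructed for the demonstration, the mapping of series to fixed patch level (4.21.9, 4.22.5, 4.23.2) is taken from the article, and the assumptions that a hook program must be configured for CVE-2025-10230 to matter and that distribution packages with backported fixes are not recognised are the example's own.

```shell
#!/bin/sh
# Added example (not Samba project code): audit smb.conf for the two advisory
# conditions and compare a Samba version with the fixed releases from the article.

# Minimum fixed patch level per series, as listed in the article.
# Assumption: any other series is reported as unpatched; vendor backports are
# not detected by this check.
fixed_patch_for_series() {
    case "$1" in
        4.23) echo 2 ;;
        4.22) echo 5 ;;
        4.21) echo 9 ;;
        *)    echo "" ;;
    esac
}

# samba_version_fixed VERSION  (e.g. "4.22.5" or "4.22.5-Debian")
# Exit 0 when VERSION is at or above the fixed release of its series.
samba_version_fixed() {
    oldifs=$IFS
    IFS=.
    set -- $1
    IFS=$oldifs
    series="$1.$2"
    patch=${3%%[!0-9]*}               # drop suffixes such as "-Debian"
    need=$(fixed_patch_for_series "$series")
    [ -n "$need" ] || return 1
    [ "${patch:-0}" -ge "$need" ]
}

# smbconf_get SECTION KEY FILE: print the value of KEY inside [SECTION].
# Key and section matching is case- and whitespace-insensitive, mirroring
# how Samba itself treats parameter names; prints nothing if unset.
smbconf_get() {
    awk -v want_sec="$1" -v want_key="$2" '
        function norm(s) { gsub(/[ \t]/, "", s); return tolower(s) }
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/ { sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec); sec = norm(sec); next }
        /=/ && sec == norm(want_sec) {
            k = $0; sub(/=.*$/, "", k)
            v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
            if (norm(k) == norm(want_key)) print v
        }' "$3"
}

# Exit 0 if WINS support is on and a wins hook program is configured
# (assumption: without a hook program no external command is run).
wins_hook_exposed() {
    support=$(smbconf_get global "wins support" "$1" | tr 'A-Z' 'a-z')
    hook=$(smbconf_get global "wins hook" "$1")
    case "$support" in
        yes|true|1) [ -n "$hook" ] ;;
        *)          return 1 ;;
    esac
}

# Exit 0 if any section's "vfs objects" line loads streams_xattr.
streams_xattr_loaded() {
    awk '
        /^[ \t]*[#;]/ { next }
        tolower($0) ~ /^[ \t]*vfs[ \t]*objects[ \t]*=/ && $0 ~ /streams_xattr/ { found = 1 }
        END { exit found ? 0 : 1 }' "$1"
}

# audit_smbconf FILE VERSION: print the findings for one server.
audit_smbconf() {
    if wins_hook_exposed "$1"; then
        echo "wins support + wins hook set: CVE-2025-10230 applies until updated"
    else
        echo "WINS hook not active: CVE-2025-10230 does not apply"
    fi
    if streams_xattr_loaded "$1"; then
        echo "streams_xattr loaded: CVE-2025-9640 applies until updated"
    else
        echo "streams_xattr not loaded: CVE-2025-9640 does not apply"
    fi
    if samba_version_fixed "$2"; then
        echo "Samba $2: at or above the fixed release for its series"
    else
        echo "Samba $2: below the fixed release (or an unlisted series); update"
    fi
}

# Constructed smb.conf excerpt for the demonstration (not a real deployment).
SAMPLE_CONF=$(mktemp)
cat > "$SAMPLE_CONF" <<'EOF'
[global]
   workgroup = EXAMPLE
   Wins Support = Yes
   wins hook = /usr/local/bin/wins-change.sh
[data]
   path = /srv/data
   vfs objects = acl_xattr streams_xattr
EOF
audit_smbconf "$SAMPLE_CONF" "4.22.4"
rm -f "$SAMPLE_CONF"
```

On a real host, point `audit_smbconf` at the file `testparm` reports as the active configuration and pass the version number printed by `smbd --version`; the sample above deliberately hits all three findings so the output shows each message once.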
In conclusion, these updates underscore the importance of keeping software current, particularly on systems that handle sensitive data and network communications. Regularly monitoring for security updates and applying them promptly is essential to safeguarding Samba environments against known vulnerabilities.
Samba 4.23.2, 4.22.5, and 4.21.9 released
Three new versions of Samba, 4.23.2, 4.22.5, and 4.21.9, have been released with critical security updates to fix serious flaws in the open-source SMB file server and Active Directory implementation. The updates address two vulnerabilities: CVE-2025-9640, which can expose uninitialized memory and so lead to data leaks, and CVE-2025-10230, a command-injection issue in WINS support that lets attackers run commands on affected hosts. These issues highlight the importance of keeping Samba systems up to date. Users are advised to update as soon as possible so that the latest security patches are installed.
Samba 4.23.2, 4.22.5, and 4.21.9 released @ Linux Compatible