Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2025-9640

created 2 months, 3 weeks ago

Samba: vfs_streams_xattr uninitialized memory write possible

A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vulnerability.

Affected products

rhcos

samba

<4.23.2
<4.21.5
<4.21.9

samba4

Matching in nixpkgs

pkgs.samba

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3
- nixos-unstable-small 4.22.3

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable 4.22.3
- nixpkgs-unstable 4.22.3
- nixos-unstable-small 4.22.3
nixos-25.05 4.20.8
- nixos-25.05-small 4.20.8
- nixpkgs-25.05-darwin 4.20.8

pkgs.sambamba

SAM/BAM processing tool

nixos-unstable 1.0.1
- nixpkgs-unstable 1.0.1
- nixos-unstable-small 1.0.1
nixos-25.05 1.0.1
- nixos-25.05-small 1.0.1
- nixpkgs-25.05-darwin 1.0.1

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable 4.22.3
- nixpkgs-unstable 4.22.3
- nixos-unstable-small 4.22.3
nixos-25.05 4.20.8
- nixos-25.05-small 4.20.8
- nixpkgs-25.05-darwin 4.20.8

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable 4.22.3
- nixpkgs-unstable 4.22.3
- nixos-unstable-small 4.22.3
nixos-25.05 4.20.8
- nixos-25.05-small 4.20.8
- nixpkgs-25.05-darwin 4.20.8

Package maintainers

@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>