Suggestions search

Untriaged

Filter by:

With package: samba

Found 2 matching suggestions

View:

Compact

Detailed

Permalink CVE-2011-3585

created 1 month, 1 week ago

Multiple race conditions in the (1) mount.cifs and (2) umount.cifs …

Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab~ file exists.

References

https://bugzilla.samba.org/show_bug.cgi?id=7179 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=742907 x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/09/27/1 x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/09/30/5 x_refsource_MISC
https://git.samba.org/?p=cifs-utils.git%3Ba=commitdiff%3Bh=810f7e4e0f2dbcbee029… x_refsource_MISC
https://bugzilla.samba.org/show_bug.cgi?id=7179 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=742907 x_transferred x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/09/27/1 x_transferred x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/09/30/5 x_transferred x_refsource_MISC
https://git.samba.org/?p=cifs-utils.git%3Ba=commitdiff%3Bh=810f7e4e0f2dbcbee029… x_transferred x_refsource_MISC
https://bugzilla.samba.org/show_bug.cgi?id=7179 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=742907 x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/09/27/1 x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/09/30/5 x_refsource_MISC
https://git.samba.org/?p=cifs-utils.git%3Ba=commitdiff%3Bh=810f7e4e0f2dbcbee029… x_refsource_MISC
https://bugzilla.samba.org/show_bug.cgi?id=7179 x_transferred x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=742907 x_transferred x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/09/27/1 x_transferred x_refsource_MISC
https://www.openwall.com/lists/oss-security/2011/09/30/5 x_transferred x_refsource_MISC
https://git.samba.org/?p=cifs-utils.git%3Ba=commitdiff%3Bh=810f7e4e0f2dbcbee029… x_transferred x_refsource_MISC

Affected products

Samba

==3.6

Matching in nixpkgs

pkgs.samba

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable 4.22.7
- nixpkgs-unstable 4.22.7
- nixos-unstable-small 4.22.7
nixos-25.11 4.22.6
- nixos-25.11-small 4.22.6
- nixpkgs-25.11-darwin 4.22.6

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable 4.22.7
- nixpkgs-unstable 4.22.7
- nixos-unstable-small 4.22.7
nixos-25.11 4.22.6
- nixos-25.11-small 4.22.6
- nixpkgs-25.11-darwin 4.22.6

pkgs.sambamba

SAM/BAM processing tool

nixos-unstable 1.0.1
- nixpkgs-unstable 1.0.1
- nixos-unstable-small 1.0.1
nixos-25.11 1.0.1
- nixos-25.11-small 1.0.1
- nixpkgs-25.11-darwin 1.0.1

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable 4.22.7
- nixpkgs-unstable 4.22.7
- nixos-unstable-small 4.22.7
nixos-25.11 4.22.6
- nixos-25.11-small 4.22.6
- nixpkgs-25.11-darwin 4.22.6

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable 4.22.7
- nixpkgs-unstable 4.22.7
- nixos-unstable-small 4.22.7
nixos-25.11 4.22.6
- nixos-25.11-small 4.22.6
- nixpkgs-25.11-darwin 4.22.6

Package maintainers

@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>

Permalink CVE-2025-9640

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 4 months, 1 week ago

Samba: vfs_streams_xattr uninitialized memory write possible

A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vulnerability.