{"id":"ALSA-2026:22963","summary":"Critical: samba security update","details":"Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.  \n\nSecurity Fix(es):  \n\n  * samba: Missing access check on reparse point operations (CVE-2026-1933)\n  * samba: vfs_worm does not block directory modification (CVE-2026-2340)\n  * samba: group policy certificate enrollment uses \u003chttp://\u003e without validation (CVE-2026-3012)\n  * samba: Samba: Remote Code Execution in printing subsystem via unescaped job description (CVE-2026-4480)\n  * ngtcp2: ngtcp2: Denial of service via stack buffer overflow during QUIC handshake (CVE-2026-40170)\n  * samba: Remote Code Execution in SAMR (CVE-2026-4408)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n","modified":"2026-06-04T11:44:25.429868633Z","published":"2026-06-03T00:00:00Z","related":["CVE-2026-1933","CVE-2026-2340","CVE-2026-3012","CVE-2026-40170","CVE-2026-4408","CVE-2026-4480"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:22963"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-1933"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-2340"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-3012"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-40170"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-4408"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-4480"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2447317"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2447318"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2447319"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2452232"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2459061"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2479762"},{"type":"ADVISORY","url":"https://errata.almalinux.org/10/ALSA-2026-22963.html"}],"affected":[{"package":{"name":"ldb-tools","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/ldb-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"libldb","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/libldb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"libldb-devel","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/libldb-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"libnetapi","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/libnetapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"libnetapi-devel","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/libnetapi-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"libsmbclient","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/libsmbclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"libsmbclient-devel","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/libsmbclient-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"libwbclient","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/libwbclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"libwbclient-devel","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/libwbclient-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"python3-ldb","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/python3-ldb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"python3-samba","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/python3-samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"python3-samba-dc","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/python3-samba-dc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"python3-samba-test","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/python3-samba-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-client","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-client-libs","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-client-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-common","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-common-libs","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-common-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-common-tools","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-common-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-dc-libs","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-dc-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-dcerpc","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-dcerpc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-devel","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-gpupdate","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-gpupdate"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-krb5-printing","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-krb5-printing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-ldb-ldap-modules","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-ldb-ldap-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-libs","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-pidl","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-pidl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-test","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-test-libs","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-test-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-tools","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-usershares","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-usershares"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-vfs-iouring","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-vfs-iouring"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-winbind","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-winbind"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-winbind-clients","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-winbind-clients"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-winbind-krb5-locator","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-winbind-krb5-locator"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-winbind-modules","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-winbind-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}},{"package":{"name":"samba-winexe","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/samba-winexe"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.23.5-109.el10_2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:22963.json"}}],"schema_version":"1.7.5"}