{"id":"USN-7564-1","summary":"samba vulnerability","details":"It was discovered that Samba incorrectly handled certain group membership\nchanges when using Kerberos authentication. A remote user could possibly\nuse this issue to continue to access resources after being removed by an\nadministrator.\n","modified":"2026-01-14T03:30:28.146788Z","published":"2025-06-10T13:30:31.459453Z","related":["UBUNTU-CVE-2025-0620"],"upstream":["CVE-2025-0620","UBUNTU-CVE-2025-0620"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7564-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-0620"}],"affected":[{"package":{"name":"samba","ecosystem":"Ubuntu:25.04","purl":"pkg:deb/ubuntu/samba@2:4.21.4+dfsg-1ubuntu3.1?arch=source&distro=plucky"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:4.21.4+dfsg-1ubuntu3.1"}]}],"versions":["2:4.20.4+dfsg-1ubuntu1","2:4.20.4+dfsg-1ubuntu2","2:4.20.4+dfsg-1ubuntu3","2:4.20.4+dfsg-1ubuntu5","2:4.21.4+dfsg-1ubuntu2","2:4.21.4+dfsg-1ubuntu3"],"ecosystem_specific":{"binaries":[{"binary_name":"ctdb","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"ldb-tools","binary_version":"2:2.10.0+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libldb-dev","binary_version":"2:2.10.0+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libldb2","binary_version":"2:2.10.0+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libnss-winbind","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libpam-winbind","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libsmbclient-dev","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libsmbclient0","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libtalloc-dev","binary_version":"2:2.4.2+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libtalloc2","binary_version":"2:2.4.2+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libtdb-dev","binary_version":"2:1.4.12+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libtdb1","binary_version":"2:1.4.12+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libtevent-dev","binary_version":"2:0.16.1+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libtevent0t64","binary_version":"2:0.16.1+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libwbclient-dev","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"libwbclient0","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"python3-ldb","binary_version":"2:2.10.0+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"python3-samba","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"python3-talloc","binary_version":"2:2.4.2+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"python3-tdb","binary_version":"2:1.4.12+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"registry-tools","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-ad-dc","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-ad-provision","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-common","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-common-bin","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-dev","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-dsdb-modules","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-libs","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-testsuite","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-vfs-ceph","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-vfs-glusterfs","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-vfs-modules","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"samba-vfs-modules-extra","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"smbclient","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"tdb-tools","binary_version":"2:1.4.12+samba4.21.4+dfsg-1ubuntu3.1"},{"binary_name":"winbind","binary_version":"2:4.21.4+dfsg-1ubuntu3.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:25.04","cves":[{"id":"CVE-2025-0620","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7564-1.json"}}],"schema_version":"1.7.3"}