SUSE-SU-2025:03612-1

Опубликовано: 16 окт. 2025

Источник: suse-cvrf

Описание

Security update for samba

This update for samba fixes the following issues:

CVE-2025-9640: Fixed uninitialized memory disclosure via vfs_streams_xattr (bsc#1251279).
CVE-2025-10230: Fixed command Injection in WINS server hook script (bsc#1251280).

Список пакетов

SUSE Linux Enterprise High Availability Extension 15 SP6

ctdb-4.19.8+git.435.78ced6cf30d-150600.3.21.1

SUSE Linux Enterprise Module for Basesystem 15 SP6

libsamba-policy-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

libsamba-policy-python3-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

libsamba-policy0-python3-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-ceph-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-client-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-client-libs-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-client-libs-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-dcerpc-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-gpupdate-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-ldb-ldap-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-libs-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-libs-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-libs-python3-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-python3-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-tool-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-winbind-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-winbind-libs-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-winbind-libs-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

openSUSE Leap 15.6

ctdb-4.19.8+git.435.78ced6cf30d-150600.3.21.1

ctdb-pcp-pmda-4.19.8+git.435.78ced6cf30d-150600.3.21.1

libsamba-policy-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

libsamba-policy-python3-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

libsamba-policy0-python3-4.19.8+git.435.78ced6cf30d-150600.3.21.1

libsamba-policy0-python3-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-ceph-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-client-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-client-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-client-libs-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-client-libs-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-dcerpc-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-devel-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-doc-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-gpupdate-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-ldb-ldap-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-libs-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-libs-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-libs-python3-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-libs-python3-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-python3-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-test-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-tool-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-winbind-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-winbind-libs-4.19.8+git.435.78ced6cf30d-150600.3.21.1

samba-winbind-libs-32bit-4.19.8+git.435.78ced6cf30d-150600.3.21.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-202503612-1/
Link for SUSE-SU-2025:03612-1
https://lists.suse.com/pipermail/sle-security-updates/2025-October/022916.html
E-Mail link for SUSE-SU-2025:03612-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1251279
SUSE Bug 1251279
https://bugzilla.suse.com/1251280
SUSE Bug 1251280
https://www.suse.com/security/cve/CVE-2025-10230/
SUSE CVE CVE-2025-10230 page
https://www.suse.com/security/cve/CVE-2025-9640/
SUSE CVE CVE-2025-9640 page

Описание

unknown

Затронутые продукты

SUSE Linux Enterprise High Availability Extension 15 SP6:ctdb-4.19.8+git.435.78ced6cf30d-150600.3.21.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libsamba-policy-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libsamba-policy-python3-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libsamba-policy0-python3-4.19.8+git.435.78ced6cf30d-150600.3.21.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-10230.html
CVE-2025-10230
https://bugzilla.suse.com/1251280
SUSE Bug 1251280

Описание

A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vulnerability.

Затронутые продукты

SUSE Linux Enterprise High Availability Extension 15 SP6:ctdb-4.19.8+git.435.78ced6cf30d-150600.3.21.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libsamba-policy-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libsamba-policy-python3-devel-4.19.8+git.435.78ced6cf30d-150600.3.21.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libsamba-policy0-python3-4.19.8+git.435.78ced6cf30d-150600.3.21.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-9640.html
CVE-2025-9640
https://bugzilla.suse.com/1251279
SUSE Bug 1251279

SUSE-SU-2025:03612-1

Описание

Список пакетов

SUSE Linux Enterprise High Availability Extension 15 SP6

SUSE Linux Enterprise Module for Basesystem 15 SP6

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-10230

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-9640

Описание

Затронутые продукты

Ссылки