Samba Flaws Enable Remote Code Execution in Rare Cases

Maintenance releases 4.24.3, 4.23.8 and 4.22.10 of Samba, the open implementation of the SMB protocols and of an Active Directory domain controller, have been published. They fix six vulnerabilities, two of which let a remote, unauthenticated attacker execute code on the server.

  • CVE-2026-4408 – a vulnerability in the SAMR (Security Account Manager Remote) server implemented on top of DCE/RPC. It affects file servers and classic (NT4-style) domain controllers that run the samba-dcerpcd process as a standalone system service and have a "check password script" configured in smb.conf. A specially crafted username lets the attacker run arbitrary shell commands on the server.
  • CVE-2026-4480 – a vulnerability in the print server code for shares whose "print command" setting uses the %J (job name) substitution. Submitting a print job, including through guest access, which is available by default, leads to remote code execution.
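Both code-execution bugs belong to one class: a string the client controls (the username handed to the check password script, or the job name substituted for %J in the print command) ends up inside a command line that a shell parses. The script below is an added illustration of that class and of the two usual defences; it is not Samba's code. The checkpw helper name, the argument layout and the allowed-character set are assumptions, and the crafted payload only echoes a marker.

```shell
#!/bin/sh
# Added example, not Samba code. Shows the bug class behind both RCEs:
# an attacker-controlled string (a username, or a print job name that
# replaces %J) is interpolated into a command line that a shell parses,
# so metacharacters in it become commands of their own.
# 'checkpw' stands in for whatever helper 'check password script' names;
# the real invocation is assumed, not reproduced.

# Unsafe: the value is spliced into one string that sh re-parses.
run_check_unsafe() {
    user=$1
    sh -c "echo checkpw $user"
}

# Safe: the value travels as a positional parameter and is only expanded,
# quoted, inside the child shell; it can never grow into a second command.
run_check_safe() {
    user=$1
    sh -c 'echo checkpw "$1"' sh "$user"
}

# Defence in depth: reject names outside a conservative allowlist before
# they reach any command template (the set is an assumption for the demo).
is_safe_name() {
    case $1 in
        '' | *[!A-Za-z0-9._@-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Constructed inputs: a normal login name and a crafted one.
benign='bob'
crafted='bob; echo INJECTED'

printf 'unsafe, benign:   %s\n' "$(run_check_unsafe "$benign")"
printf 'unsafe, crafted:\n%s\n' "$(run_check_unsafe "$crafted")"   # second line: INJECTED
printf 'safe, crafted:    %s\n' "$(run_check_safe "$crafted")"      # one harmless argument
is_safe_name "$crafted" && echo "allowlist: accepted" || echo "allowlist: rejected $crafted"
```

The quoting fix alone closes the hole shown here; the allowlist is worth keeping in front of any template that is later expanded by a shell, because a template author cannot see which substitutions are reached by untrusted input.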

The new releases also fix an access-check bypass, overwriting of files, installation of certificates fetched over HTTP without verification, and a crash of the WINS server on an AD DC triggered by a specially crafted UDP packet.
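A quick triage for a practitioner, added here and not part of the release announcement: classify a Samba version string against the three fixed releases named above, and scan an smb.conf (or testparm -s output) for the settings the two remote code execution bugs depend on. Reading "rpc start on demand helpers = no" as the condition under which samba-dcerpcd runs as a standalone service is an interpretation of the advisory text, and the smb.conf content is constructed for the demo.

```shell
#!/bin/sh
# Added triage helpers, not part of the Samba release. Assumptions:
# fixed releases are the three named in the announcement; 'rpc start on
# demand helpers = no' is read as "samba-dcerpcd runs as a system service";
# the smb.conf below is constructed for the demo.

# Classify a version string ("4.23.7" or "Version 4.23.7" as printed by
# `smbd --version`). Prints fixed | vulnerable | unknown-branch | invalid.
samba_fix_state() {
    v=${1#Version }
    case $v in
        *.*.*) ;;
        *) echo invalid; return 2 ;;
    esac
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    patch=${patch%%[!0-9]*}        # drop suffixes such as "-Debian" or "rc1"
    [ "$major" = 4 ] || { echo unknown-branch; return 2; }
    case $minor in
        24) need=3 ;;
        23) need=8 ;;
        22) need=10 ;;
        *)  echo unknown-branch; return 2 ;;
    esac
    if [ "${patch:-0}" -ge "$need" ]; then
        echo fixed; return 0
    fi
    echo vulnerable; return 1
}

# Print one line per risky setting found in an smb.conf (or testparm -s output).
smbconf_findings() {
    awk '
        /^[ \t]*[#;]/ { next }                       # comment line
        /^[ \t]*\[/   { section = $0; next }         # [share] header
        /=/ {
            key = $0; sub(/=.*/, "", key); gsub(/[ \t]/, "", key); key = tolower(key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val)
            if (key == "checkpasswordscript" && val != "")
                print "check password script set in " section ": " val
            if (key == "printcommand" && val ~ /%J/)
                print "print command substitutes %J in " section ": " val
            if (key == "rpcstartondemandhelpers" && tolower(val) ~ /^(no|false|0)/)
                print "samba-dcerpcd runs as a standalone service in " section
        }
    ' "$1"
}

count_findings() {
    smbconf_findings "$1" | grep -c '^'
}

# Constructed smb.conf exercising all three conditions.
SAMPLE_CONF=$(mktemp)
trap 'rm -f "$SAMPLE_CONF"' EXIT
cat >"$SAMPLE_CONF" <<'EOF'
[global]
   workgroup = EXAMPLE
   check password script = /usr/local/sbin/pwcheck
   rpc start on demand helpers = no
   ; print command = ignored because commented out
[printers]
   path = /var/spool/samba
   printable = yes
   guest ok = yes
   print command = lpr -P %p -J "%J" %s; rm %s
EOF

for v in 4.24.3 "Version 4.23.7" 4.22.10 4.21.9; do
    printf '%-16s %s\n' "$v" "$(samba_fix_state "$v")"
done
smbconf_findings "$SAMPLE_CONF"
```

Two caveats when using this on a real host: distribution packages often backport security fixes without changing the upstream version number, so a "vulnerable" verdict should be confirmed against the package changelog; and feeding the script the output of testparm -s rather than the raw smb.conf catches settings pulled in through include directives.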

Sources: reports, release notes, official announcements.