[CLSA-2026:1781181291] Fix CVE(s): CVE-2026-4408
Type: security
Severity: Critical
Release date: 2026-06-11 12:35:13 UTC
Description:
* SECURITY UPDATE: shell injection in "check password script" via %u substitution. Samba did not sanitize or quote the username before substituting it into the configured check password script, allowing crafted usernames containing shell metacharacters to inject arbitrary commands executed by smbd.
  - debian/patches/CVE-2026-4408.patch
  - CVE-2026-4408
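To check whether a host actually relies on the affected substitution, the following added example (not part of the advisory or of Samba) scans smb.conf text for an active `check password script` setting that contains `%u`. The sample configuration and the script path in it are constructed, and `include` directives are not followed.

```python
import re

# Constructed sample smb.conf; the script path is a placeholder, not from the advisory.
SAMPLE_SMB_CONF = """\
[global]
   workgroup = EXAMPLE
   ; check password script = /usr/local/sbin/old-check %u
   Check Password  Script = /usr/local/sbin/pw-check \\
        --user %u
[share]
   path = /srv/share
"""

def normalise(name):
    """Samba ignores case and all whitespace in parameter names."""
    return re.sub(r"\s+", "", name).lower()

def logical_lines(text):
    """Yield (first_line_number, text) with backslash continuations joined."""
    buf, start = "", 0
    for num, raw in enumerate(text.splitlines(), 1):
        if not buf:
            start = num
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1]
            continue
        yield start, buf + raw
        buf = ""
    if buf:
        yield start, buf

def find_u_substitution(text):
    """Return [(line, value)] for active 'check password script' settings using %u."""
    hits = []
    for num, line in logical_lines(text):
        stripped = line.strip()
        if not stripped or stripped[0] in "#;[" or "=" not in stripped:
            continue
        name, value = stripped.split("=", 1)
        if normalise(name) == "checkpasswordscript" and "%u" in value:
            hits.append((num, " ".join(value.split())))
    return hits

if __name__ == "__main__":
    for num, value in find_u_substitution(SAMPLE_SMB_CONF):
        print(f"line {num}: check password script uses %u: {value}")
```

A hit means the configuration passes the username into the script command line, which is the path this update fixes; hosts with a hit should be prioritised for the updated packages listed below.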
CVEs fixed: CVE-2026-4408
Updated packages:
  • ctdb_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:25607c30c82215146f83c316bc27828f5cb8f9b2
  • libnss-winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:b10c0c75d735967645aa9d83b83125e62450ec2d
  • libpam-winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:3884b90d47cf6a2e4a9973818a877abbb646e7c5
  • libsmbclient_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:27b55e5f15217f14d1619d47958243dfcb46f679
  • libsmbclient-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:bbfaf06c51136bbc7525d5ed13e2dbff57c09930
  • libwbclient-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:bb5e2d4c0a8e61c2df97853f7cf1bd130529c976
  • libwbclient0_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:ed65fc5cfe0f4a36435fe22ae72406deec985e86
  • python3-samba_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:4a0e44bea14cec622ea1765a327d922dd1c10917
  • registry-tools_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:3a2258b5a615a527513e252c512d5d8b89adddeb
  • samba_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:33b850542b4056d89f01cfabcfb518d0327d68cc
  • samba-common_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_all.deb
    sha:8982a03d445d35f92f533686fef0fc9f5fc7833b
  • samba-common-bin_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:fa8132bdbefa71aba335bb07ae0c92b949688d68
  • samba-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:9643dc6c2415bc21889f5152fbf98abece2a8ec8
  • samba-dsdb-modules_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:f9ff0196fb0f42c8fa7686d46b0d34a7d96524d7
  • samba-libs_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:06d66e7a082f78337468b7ba308e99e2fa3d10b7
  • samba-testsuite_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:637707f564afd1dab922b0d70a09da5e33eb4fab
  • samba-vfs-modules_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:9388be8d3da6b3050ac1c97075e2827122273fab
  • smbclient_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:cbd1f114e836dce0d9765c84c0eda53d080ef7a2
  • winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els3_amd64.deb
    sha:dd1b949697863e36cfd969627f4308c17c5172f2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.