CVE-2025-10230

NameCVE-2025-10230
DescriptionA flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller’s wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)bullseye2:4.13.13+dfsg-1~deb11u6vulnerable
bullseye (security)2:4.13.13+dfsg-1~deb11u7vulnerable
bookworm2:4.17.12+dfsg-0+deb12u3fixed
bookworm (security)2:4.17.12+dfsg-0+deb12u1vulnerable
trixie2:4.22.6+dfsg-0+deb13u1fixed
forky, sid2:4.23.5+dfsg-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasourcebookworm2:4.17.12+dfsg-0+deb12u3
sambasourcetrixie2:4.22.6+dfsg-0+deb13u1
sambasource(unstable)2:4.23.2+dfsg-1

Notes

[bullseye] - samba <ignored> (Domain controller functionality is EOLed, see DSA-5477-1)
https://www.samba.org/samba/security/CVE-2025-10230.html
https://bugzilla.samba.org/show_bug.cgi?id=15903
Search for package or bug name: Reporting problems