CVE-2026-3238

NameCVE-2026-3238
DescriptionA flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the WINS service using specially crafted UDP packets.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-6297-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
samba (PTS)bullseye2:4.13.13+dfsg-1~deb11u6vulnerable
bullseye (security)2:4.13.13+dfsg-1~deb11u7vulnerable
bookworm2:4.17.12+dfsg-0+deb12u3vulnerable
bookworm (security)2:4.17.12+dfsg-0+deb12u4fixed
trixie2:4.22.8+dfsg-0+deb13u1vulnerable
trixie (security)2:4.22.8+dfsg-0+deb13u2fixed
forky, sid2:4.24.3+dfsg-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
sambasourcebookworm2:4.17.12+dfsg-0+deb12u4DSA-6297-1
sambasourcetrixie2:4.22.8+dfsg-0+deb13u2DSA-6297-1
sambasource(unstable)2:4.24.3+dfsg-1

Notes

https://www.samba.org/samba/security/CVE-2026-3238.html
Search for package or bug name: Reporting problems