CVE-2025-0620

Medium CVSS: 4.9

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again.

Vendor

Samba

Product

Samba

CWE

CWE-552

Yayın Tarihi

2025-06-06 14:15:21

Güncelleme

2026-01-08 04:15:52

Source Identifier

secalert@redhat.com

KEV Date Added

Kategoriler

CWE-552 Samba MEDIUM Samba 2025

Referanslar

https://access.redhat.com/security/cve/CVE-2025-0620 https://bugzilla.redhat.com/show_bug.cgi?id=2370453 https://www.samba.org/samba/security/CVE-2025-0620.html http://www.openwall.com/lists/oss-security/2025/06/03/8

Benzer Kayıtlar

Critical

CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-cont…

High

CVE-2024-12085

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to m…

Medium

CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's mach…

Medium

CVE-2024-12087

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a defaul…

Medium

CVE-2024-12088

A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic…