CVE-2025-9640 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authent…
Medium CVSS: 4.3

CVE-2025-9640

A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vulnerability.
Vendor
-
Product
-
CWE
CWE-908
Yayın Tarihi
2025-10-15 13:16:01
Güncelleme
2025-11-26 21:15:47
Source Identifier
secalert@redhat.com
KEV Date Added
-

Kategoriler

CWE-908 MEDIUM 2025

Referanslar

https://access.redhat.com/security/cve/CVE-2025-9640 https://bugzilla.redhat.com/show_bug.cgi?id=2391698 https://www.samba.org/samba/history/security.html http://www.openwall.com/lists/oss-security/2025/10/15/2 http://www.openwall.com/lists/oss-security/2025/10/16/2 https://lists.debian.org/debian-lts-announce/2025/11/msg00027.html