Samba Team releases security updates to patch two vulnerabilities. The first vulnerability impacts Samba versions 4.9 and 4.10, while the other vulnerability impacts all versions of Samba from v4.10 onwards.
The first vulnerability
Samba Team has released security updates to patch the vulnerability in the latest versions 4.9.9 and 4.10.5. Samba administrators are advised to update the latest versions.
The second vulnerability
“Specifically, while in Samba 4.10 the default is for one process per connected client, site-specific configuration trigger can change this. Samba 4.10 also supports the 'prefork' process model and by using the -M option to 'samba' and a 'single' process model. Both of these share on process between multiple clients,” the advisory read.
Publisher