[Samba] CVE-2024-26248 and CVE-2024-29056
Rowland Penny
rpenny at samba.org
Wed Jun 4 12:19:23 UTC 2025
On Wed, 4 Jun 2025 14:04:19 +0200
Andrea Cucciarre via samba <samba at lists.samba.org> wrote:
> Hello,
>
> I have Samba server release 4.13.17 that join a Windows AD domain, so
> it acts as a domain member.
> The Microsoft security patches from April 2025 remove the
> compatibility mode on the domain controllers, which could be used to
> bypass the changed security settings regarding CVE-2024-26248 and
> CVE-2024-29056. Do these patching affect the ability of the Samba
> server to join the AD domain?
> Do these patching affect the ability of the Windows client to access
> the share on the Samba server?
>
> Thanks
> Andrea
You seem to be concerned about a security risk, but yet you are using a
dead (from the Samba point of view) version of Samba and presumably a
dead version of your distro (working on Samba 4.13.17 meaning Ubuntu
20.04).
As for your questions, I have heard of no problems with Windows clients
joining or accessing Samba servers running a supported version of Samba.
Rowland
More information about the samba
mailing list