Samba 4.18.8 Available for Download

Samba 4.18.8 (gzipped)

Patch (gzipped) against Samba 4.18.7

                   Release Notes for Samba 4.18.8
                          October 10, 2023

This is a security release in order to address the following defects:

o CVE-2023-3961:  Unsanitized pipe names allow SMB clients to connect as root to
                  existing unix domain sockets on the file system.

o CVE-2023-4091:  SMB client can truncate files to 0 bytes by opening files with
                  OVERWRITE disposition when using the acl_xattr Samba VFS
                  module with the smb.conf setting
                  "acl_xattr:ignore system acls = yes"

o CVE-2023-4154:  An RODC and a user with the GET_CHANGES right can view all
                  attributes, including secrets and passwords.  Additionally,
                  the access check fails open on error conditions.

o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
                  server block for a user-defined amount of time, denying

o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
                  listeners, disrupting service on the AD DC.

Changes since 4.18.7

o  Jeremy Allison <>
   * BUG 15422: CVE-2023-3961.

o  Andrew Bartlett <>
   * BUG 15424: CVE-2023-4154.
   * BUG 15473: CVE-2023-42670.
   * BUG 15474: CVE-2023-42669.

o  Ralph Boehme <>
   * BUG 15439: CVE-2023-4091.

o  Stefan Metzmacher <>
   * BUG 15424: CVE-2023-4154.

o  Joseph Sutton <>
   * BUG 15424: CVE-2023-4154.