Description

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-only exports. This could allow modification of SMB-visible file behavior, including converting files into symbolic links or other reparse point types.

PUBLISHED Reserved 2026-02-04 | Published 2026-05-27 | Updated 2026-06-03 | Assigner redhat




HIGH: 7.1 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Problem types

Improper Access Control

Product status

Default status
affected

0:4.23.5-109.el10_2 (rpm) before *
unaffected

Default status
unknown

Default status
unknown

Default status
affected

Default status
affected

Default status
affected

Default status
affected

Timeline

2026-03-13: Reported to Red Hat.
2026-05-27: Made public.

Credits

Red Hat would like to thank Asim Viladi Oglu Manizada for reporting this issue.

References

access.redhat.com/errata/RHSA-2026:22963 (RHSA-2026:22963) vendor-advisory

access.redhat.com/security/cve/CVE-2026-1933 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2447317 (RHBZ#2447317) issue-tracking

bugzilla.samba.org/show_bug.cgi?id=15992

cve.org (CVE-2026-1933)

nvd.nist.gov (CVE-2026-1933)
