CVE-2026-3012
Publication date 26 May 2026
Last updated 6 June 2026
Ubuntu priority
Description
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate authority certificate, potentially allowing interception or spoofing of trusted communications.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| samba | 26.04 LTS resolute |
Fixed 2:4.23.6+dfsg-1ubuntu2.1
|
| 25.10 questing |
Fixed 2:4.22.3+dfsg-4ubuntu2.4
|
|
| 24.04 LTS noble |
Fixed 2:4.19.5+dfsg-4ubuntu9.6
|
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
Notes
mdeslaur
This only affects environments where Samba is used as a member in an Active Directory Domain, group policies are enabled on Samba, certificate auto-enrolment is enabled using the Windows GPME tool, and an attacker can intercept network communications.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
8.0 · High
|
| Attack vector | Adjacent |
| Attack complexity | High |
| Privileges required | None |
| User interaction | None |
| Scope | Changed |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | None |
| Vector | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-8306-1
- Samba vulnerabilities
- 26 May 2026