PatchSiren cyber security CVE debrief
CVE-2026-3238 Red Hat CVE debrief
CVE-2026-3238 is a HIGH severity vulnerability in Samba's WINS server component. An unauthenticated remote attacker can trigger a NULL pointer dereference and crash the WINS service using specially crafted UDP packets. The vulnerability has a CVSS score of 7.5 and was published on [2026-06-08](https://www.cve.org/CVERecord?id=CVE-2026-3238).
- Vendor: Red Hat
- Product: Red Hat Enterprise Linux 10
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-08
- Original CVE updated: 2026-06-08
- Advisory published: 2026-06-08
- Advisory updated: 2026-06-08
Who should care
Administrators of Samba installations, particularly those running as an Active Directory Domain Controller, should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the WINS service.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates from the Samba project or relevant vendors, such as Red Hat, as soon as possible.
- Review and update network configurations to limit exposure to untrusted UDP traffic.
- Monitor Samba WINS server logs for suspicious activity.
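To prioritise the actions above across a fleet, the following added example (not from the advisory or the Samba project) reads an smb.conf and reports whether the host is configured to act as a WINS server and whether it is an AD DC. It assumes the standard smb.conf parameters `wins support`, `disable netbios` and `server role`; the advisory does not say which settings expose the affected handlers, so treat the result as an exposure inventory, not a vulnerability verdict.

```python
import re

TRUE = {"yes", "true", "1", "on"}  # boolean spellings smb.conf accepts

def parse_global(text):
    """Return the [global] parameters of an smb.conf as {normalised name: value}."""
    params, section, pending = {}, "global", ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):           # trailing backslash continues the line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":   # blank line or comment
            continue
        header = re.fullmatch(r"\[(.*)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        if section == "global" and "=" in line:
            name, value = line.split("=", 1)
            # Samba ignores case and whitespace inside parameter names;
            # a later duplicate overrides an earlier one.
            params[re.sub(r"\s+", "", name).lower()] = value.strip()
    return params

def wins_exposure(text):
    """Summarise WINS-related settings; both parameters default to 'no'."""
    p = parse_global(text)
    netbios_off = p.get("disablenetbios", "no").lower() in TRUE
    wins_on = p.get("winssupport", "no").lower() in TRUE
    role = " ".join(p.get("serverrole", "auto").lower().split())
    return {
        "wins_server": wins_on and not netbios_off,
        "ad_dc": role == "active directory domain controller",
    }

# Constructed sample configuration, not taken from a real host.
SAMPLE = """\
[global]
    server role = active directory domain controller
    WINS  Support = Yes
    ; disable netbios = yes
[share]
    wins support = no
"""

if __name__ == "__main__":
    print(wins_exposure(SAMPLE))
```

Hosts reported with `wins_server: True` are the ones to patch first and to shield from untrusted UDP traffic.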
Evidence notes
The vendor is listed as Unknown Vendor, but evidence suggests a potential connection to Red Hat.
Official resources
CVE-2026-3238 was published on 2026-06-08T09:16:30.160Z and modified on 2026-06-08T14:59:24.257Z.