Samba WINS NULL Deref via UDP (CVE-2026-3238)
CVE-2026-3238 Published on June 8, 2026

Samba: denial of service against ad dc wins server
A flaw was found in Sambas WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not properly validate incoming packets, allowing an unauthenticated remote attacker to trigger a NULL pointer dereference and crash the WINS service using specially crafted UDP packets.

NVD

Vulnerability Analysis

CVE-2026-3238 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
HIGH

Timeline

Reported to Red Hat.

Made public.

Weakness Type

NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.


Products Associated with CVE-2026-3238

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-3238 are published in these products:

Canonical Ubuntu Linux
 
Red Hat Enterprise Linux (RHEL)
 
Red Hat Openshift
 

Affected Versions

Red Hat Enterprise Linux 10: Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 7: Red Hat Enterprise Linux 8: Red Hat Enterprise Linux 9: Red Hat OpenShift Container Platform 4: