Univention Bugzilla – Attachment 11093 Details for Bug 56297: samba: Multiple issues (5.0-4)
Advisory
samba.yaml (text/plain), 1.34 KB, created by Arvid Requate on 2023-07-18 08:02:22 CEST
>product: ucs
>release: "5.0"
>version: [4]
>scope: ucs_5.0-0-errata5.0-4
>src: samba
>fix: 2:4.18.3-1A~5.0.0.202307171116
>desc: |
> This update addresses the following issues:
> * When winbind is used for NTLM authentication, a maliciously
>   crafted request can trigger an out-of-bounds read in winbind
>   and possibly crash it (CVE-2022-2127).
> * SMB2 packet signing was not enforced if an admin configured
>   "server signing = required" or for SMB2 connections to
>   Domain Controllers where SMB2 packet signing is mandatory (CVE-2023-3347).
> * An infinite loop bug in Samba's mdssvc RPC service for Spotlight
>   can be triggered by an unauthenticated attacker by issuing a
>   malformed RPC request (CVE-2023-34966).
> * Missing type validation in Samba's mdssvc RPC service for Spotlight
>   can be used by an unauthenticated attacker to trigger a process crash
>   in a shared RPC mdssvc worker process (CVE-2023-34967).
> * As part of the Spotlight protocol Samba discloses the server-side
>   absolute path of shares and files and directories in search results
>   (CVE-2023-34968).
> * After Microsoft released the July 2023 updates, Windows clients showed
>   login errors. Samba has been adjusted to handle the new behavior of
>   netlogon secure channel negotiation.
>bug: [56297, 56320]
>cve:
> - CVE-2022-2127
> - CVE-2023-3347
> - CVE-2023-34966
> - CVE-2023-34967
> - CVE-2023-34968