Bug 52066 – (ES 4.3) samba

Bug 52066 - (ES 4.3) samba


Summary:	(ES 4.3) samba

Status:	CLOSED WONTFIX

Product:	UCS
Classification:	Unclassified
Component:	Security updates
Version:	UCS 4.3
Hardware:	All other

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	Quality Assurance
QA Contact:	Erik Damrose

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2020-09-20 21:45 CEST by Erik Damrose
Modified:	2021-06-14 09:42 CEST (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	Security Issue
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:	7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Erik Damrose

2020-09-20 21:45:31 CEST

Provide samba version 2:4.10.1-1A~4.4.0.202006301635 for UCS 4.3
First imported at bug #51532

This update addresses the following issues:
* A client combining the 'ASQ' and 'VLV' LDAP
  controls can cause a NULL pointer de-reference and
  further combinations with the LDAP paged_results
  feature can give a use-after-free in Samba's AD DC
  LDAP server. (CVE-2020-10730)
* Compression of replies to NetBIOS over TCP/IP
  name resolution and DNS packets (which can be
  supplied as UDP requests) can be abused to
  consume excessive amounts of CPU on the Samba
  AD DC (only). (CVE-2020-10745)
* The use of the paged_results or VLV controls against
  the Global Catalog LDAP server on the AD DC will cause
  a use-after-free. (CVE-2020-10760)
* The AD DC NBT server in Samba 4.0 will enter a
  CPU spin and not process further requests
  once it receives a empty (zero-length) UDP
  packet to port 137. (CVE-2020-14303)

Comment 1 Erik Damrose

2020-09-21 11:51:02 CEST

See bug 51210 for information about a removal of the package version in UCS 4.3-5. This has to be fixed before providing the package as ES 4.3. I will remove the samba and ldb package from the ES 4.3 scope for now.

Comment 3 Ingo Steuwer

2021-05-14 16:49:05 CEST

should be still relevant for UCS 4.4

Comment 4 Ingo Steuwer

2021-05-14 16:49:51 CEST

(In reply to Ingo Steuwer from comment #3)
> should be still relevant for UCS 4.4

no, wrong bug -> still UCS 4.3

Comment 5 Erik Damrose

2021-06-14 09:42:10 CEST

Extended security maintenance for UCS 4.3 ended on 31 May 2021. Customers with access to 4.3 extended security maintenance did not run samba on their UCS 4.3 systems, there was no requirement to fix this in 4.3.
Bug closed.