Univention Bugzilla – Bug 54016
samba: Multiple issues (4.4)
Last modified: 2022-01-24 10:52:21 CET
Check backport to 4.4-8

+++ This bug was initially created as a clone of Bug #54015 +++

Security update scheduled for January 10th 2022.

* https://bugzilla.samba.org/show_bug.cgi?id=13979
* https://bugzilla.samba.org/show_bug.cgi?id=14842
Created attachment 10898 [details]
ucs44-CVE-2021-43566-draft.patch

The general mitigation is

* ucr set samba/min/protocol=SMB2_02; /etc/init.d/samba restart
* Don't export a samba share also via smb
* Don't allow user access to share directories on server side

The latter is already standard on UCS/Samba AD DCs.

For CVE-2021-20316 the upstream (4.15) changes are too invasive to backport.

For CVE-2021-43566 there is a patch that applies to 4.13, but the code was different in 4.10. The attached draft is an absolutely untested backport of the upstream (4.13) patch 0001-s3-smbd-Fix-mkdir-race-condition-allows-share-escape.patch
(In reply to Arvid Requate from comment #1)
> * Don't export a samba share also via smb

The typo is rather significant, it should be: Don't export a samba share also via _NFS_
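Added example, not part of this bug report and not Samba or UCS code: a small Python check that reads smb.conf and /etc/exports text and reports whether the two configuration-level mitigations from comments #1 and #2 are in place (minimum SMB dialect set to at least SMB2_02, and no Samba share whose directory is also an NFS export). It assumes that the UCR variable samba/min/protocol ends up as the smb.conf parameter `server min protocol`, that Samba's dialect names and the `SMB2`/`SMB3` aliases are as listed in `DIALECT_ORDER`, and it treats an unset minimum protocol as not hardened rather than relying on a version-specific default. The sample configuration and exports file are constructed.

```python
"""Check smb.conf / exports text against two mitigations named in the bug:
an explicit minimum SMB dialect and no share that is also an NFS export.
Sample inputs below are constructed, not taken from any real system."""
import re

# Samba dialect names in ascending order; "SMB2"/"SMB3" are the aliases Samba
# accepts for the newest dialect of that generation (assumption: names as
# documented for the "server min protocol" parameter).
DIALECT_ORDER = ["CORE", "COREPLUS", "LANMAN1", "LANMAN2", "NT1",
                 "SMB2_02", "SMB2_10", "SMB2_22", "SMB2_24",
                 "SMB3_00", "SMB3_02", "SMB3_10", "SMB3_11"]
DIALECT_ALIASES = {"SMB2": "SMB2_10", "SMB3": "SMB3_11"}


def parse_smb_conf(text):
    """Parse smb.conf-style text into {section: {param: value}}.
    Parameter names are lower-cased with whitespace collapsed; lines that
    start with '#' or ';' are comments."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        m = re.match(r"^\[(.+)\]$", line)
        if m:
            current = m.group(1).strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        sections[current][" ".join(key.lower().split())] = value.strip()
    return sections


def dialect_rank(name):
    """Position of a dialect name in DIALECT_ORDER, or None if unknown."""
    canon = DIALECT_ALIASES.get(name.upper(), name.upper())
    return DIALECT_ORDER.index(canon) if canon in DIALECT_ORDER else None


def min_protocol_ok(conf, required="SMB2_02"):
    """True if [global] 'server min protocol' is explicitly at least `required`.
    Unset is reported as not OK: the compiled-in default depends on the Samba
    version, so the check insists on an explicit value (assumption: the UCR
    variable samba/min/protocol is rendered into this smb.conf parameter)."""
    value = conf.get("global", {}).get("server min protocol")
    if value is None:
        return False
    have, need = dialect_rank(value), dialect_rank(required)
    return have is not None and need is not None and have >= need


def parse_exports(text):
    """Exported directory paths from /etc/exports-style text (first field)."""
    paths = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            paths.append(line.split()[0])
    return paths


def _same_or_nested(a, b):
    """True if absolute path a equals b or one lies inside the other."""
    def norm(p):
        return p.rstrip("/") or "/"

    def inside(child, parent):
        return (parent == "/" and child.startswith("/")) or child.startswith(parent + "/")
    a, b = norm(a), norm(b)
    return a == b or inside(a, b) or inside(b, a)


def shares_also_exported_via_nfs(conf, export_paths):
    """Names of shares whose 'path' is also an NFS export or nested with one;
    such a directory is reachable through two servers at once."""
    hits = []
    for name, params in conf.items():
        path = params.get("path")
        if name == "global" or not path:
            continue
        if any(_same_or_nested(path, exp) for exp in export_paths):
            hits.append(name)
    return hits


def check(smb_conf_text, exports_text):
    """Run both checks and return a findings dict."""
    conf = parse_smb_conf(smb_conf_text)
    return {
        "min_protocol_ok": min_protocol_ok(conf),
        "shares_also_exported_via_nfs":
            shares_also_exported_via_nfs(conf, parse_exports(exports_text)),
    }


# Constructed sample inputs: a server that still allows NT1 and shares a
# directory that is also exported via NFS.
SAMPLE_SMB_CONF = """\
[global]
    workgroup = EXAMPLE
    server min protocol = NT1
[data]
    path = /srv/data
    read only = no
[public]
    path = /srv/public
"""
SAMPLE_EXPORTS = """\
# /etc/exports (constructed)
/srv/data 192.0.2.0/24(rw,sync)
/srv/other *(ro)
"""

if __name__ == "__main__":
    print(check(SAMPLE_SMB_CONF, SAMPLE_EXPORTS))
```

On a real host the two texts would be read from /etc/samba/smb.conf and /etc/exports; the check does not cover the third mitigation (server-side user access to share directories), which is a filesystem permission question rather than a configuration-file one.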
We have published a security recommendation here: https://help.univention.com/t/recommendation-for-samba-security-issues-cve-2021-43566-and-cve-2021-20316/19188