First Last Prev Next    This bug is not in your last search results.
Bug 54369 - samba: Multiple issues (5.0)
samba: Multiple issues (5.0)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-1-errata
Assigned To: Erik Damrose
Julia Bremer
:
Depends on:
Blocks: 54370
  Show dependency treegraph
 
Reported: 2022-01-24 10:50 CET by Erik Damrose
Modified: 2022-03-21 12:05 CET (History)
1 user (show)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C

Attachments
advisory (894 bytes, application/x-yaml)
2022-01-26 15:43 CET, Erik Damrose 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Erik Damrose univentionstaff 2022-01-24 10:50:40 CET 
Security update scheduled for January 31st 2022.

* https://bugzilla.samba.org/show_bug.cgi?id=14911 
UNIX extensions in SMB1 disclose whether the outside target of a symlink exists (CVE-2021-44141)
CVSS:AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C/CR:L/IR:L/AR:L/MAV:N/MAC:L/MPR:L/MUI:N/MS:U/MC:H/MI:N/MA:N Base score 4.2.

* https://bugzilla.samba.org/show_bug.cgi?id=14950
Re-adding an SPN skips subsequent SPN conflict checks (CVE-2022-0336)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base score 8.8.

* https://bugzilla.samba.org/show_bug.cgi?id=14914
Out-of-Bound Read/Write on Samba vfs_fruit module  (CVE-2021-44142)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C Base score 9.9.
-> The module is not enabled by default on UCS
Comment 1 Erik Damrose univentionstaff 2022-01-24 22:50:59 CET 
CVE-2021-44141 patch differs to much, is too invasive and cannot be backported to samba 4.13. This is the same issue we had with the previous fix at bug 54015. Upstream bug mentions that other vendors have the same issue and will not backport this fix.

Patches for the other issues added in svn r19508
98_CVE-2021-44142-v4.13-bug-14914.quilt
98_CVE-2022-0336-v4.13-bug-14950.quilt

samba 2:4.13.13-1A~5.0.0.202201242233
Comment 2 Erik Damrose univentionstaff 2022-01-26 15:43:52 CET 
Created attachment 10907 [details]
advisory
Comment 3 Julia Bremer univentionstaff 2022-01-27 16:17:19 CET 
Patches applied: OK
Advisory: OK
Automatic Tests: OK
Verified
First Last Prev Next    This bug is not in your last search results.