Lucene search

CentOS ProjectCESA-2021:2313

HistoryJun 14, 2021 - 6:37 p.m.

ctdb, libsmbclient, libwbclient, samba security update

2021-06-1418:37:00

CentOS Project

lists.centos.org

725

samba

security update

cve-2021-20254

smb protocol

cifs protocol

centos

libsmbclient

libwbclient

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

EPSS

0.004

Percentile

74.4%

JSON

CentOS Errata and Security Advisory CESA-2021:2313

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

smb.service stops when samba rpms are updated (BZ#1930747)
samba printing dumps core (BZ#1937867)

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2021-June/086110.html

Affected packages:
ctdb
ctdb-tests
libsmbclient
libsmbclient-devel
libwbclient
libwbclient-devel
samba
samba-client
samba-client-libs
samba-common
samba-common-libs
samba-common-tools
samba-dc
samba-dc-libs
samba-devel
samba-krb5-printing
samba-libs
samba-pidl
samba-python
samba-python-test
samba-test
samba-test-libs
samba-vfs-glusterfs
samba-winbind
samba-winbind-clients
samba-winbind-krb5-locator
samba-winbind-modules

Upstream details at:
https://access.redhat.com/errata/RHSA-2021:2313

OSVersionArchitecturePackageVersionFilename
CentOS7x86_64ctdb< 4.10.16-15.el7_9ctdb-4.10.16-15.el7_9.x86_64.rpm
CentOS7x86_64ctdb-tests< 4.10.16-15.el7_9ctdb-tests-4.10.16-15.el7_9.x86_64.rpm
CentOS7i686libsmbclient< 4.10.16-15.el7_9libsmbclient-4.10.16-15.el7_9.i686.rpm
CentOS7x86_64libsmbclient< 4.10.16-15.el7_9libsmbclient-4.10.16-15.el7_9.x86_64.rpm
CentOS7i686libsmbclient-devel< 4.10.16-15.el7_9libsmbclient-devel-4.10.16-15.el7_9.i686.rpm
CentOS7x86_64libsmbclient-devel< 4.10.16-15.el7_9libsmbclient-devel-4.10.16-15.el7_9.x86_64.rpm
CentOS7i686libwbclient< 4.10.16-15.el7_9libwbclient-4.10.16-15.el7_9.i686.rpm
CentOS7x86_64libwbclient< 4.10.16-15.el7_9libwbclient-4.10.16-15.el7_9.x86_64.rpm
CentOS7i686libwbclient-devel< 4.10.16-15.el7_9libwbclient-devel-4.10.16-15.el7_9.i686.rpm
CentOS7x86_64libwbclient-devel< 4.10.16-15.el7_9libwbclient-devel-4.10.16-15.el7_9.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	7	x86_64	ctdb	< 4.10.16-15.el7_9	ctdb-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	x86_64	ctdb-tests	< 4.10.16-15.el7_9	ctdb-tests-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	i686	libsmbclient	< 4.10.16-15.el7_9	libsmbclient-4.10.16-15.el7_9.i686.rpm
CentOS	7	x86_64	libsmbclient	< 4.10.16-15.el7_9	libsmbclient-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	i686	libsmbclient-devel	< 4.10.16-15.el7_9	libsmbclient-devel-4.10.16-15.el7_9.i686.rpm
CentOS	7	x86_64	libsmbclient-devel	< 4.10.16-15.el7_9	libsmbclient-devel-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	i686	libwbclient	< 4.10.16-15.el7_9	libwbclient-4.10.16-15.el7_9.i686.rpm
CentOS	7	x86_64	libwbclient	< 4.10.16-15.el7_9	libwbclient-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	i686	libwbclient-devel	< 4.10.16-15.el7_9	libwbclient-devel-4.10.16-15.el7_9.i686.rpm
CentOS	7	x86_64	libwbclient-devel	< 4.10.16-15.el7_9	libwbclient-devel-4.10.16-15.el7_9.x86_64.rpm