Lucene search

RedHatRHSA-2022:1756

HistoryMay 10, 2022 - 4:11 a.m.

(RHSA-2022:1756) Moderate: samba security, bug fix and enhancement update

2022-05-1004:11:43

access.redhat.com

red hat gluster storage

samba

security fix

symlink error

information leak

cve-2021-20316

cve-2021-44141

upgrade

data storage

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

EPSS

0.002

Percentile

55.2%

JSON

Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges.

Security Fix(es):

samba: Symlink race error can allow metadata read and modify outside of the exported share (CVE-2021-20316)
samba: Information leak via symlinks of existance of files or directories outside of the exported share (CVE-2021-44141)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Users of samba with Red Hat Gluster Storage are advised to upgrade to these updated packages.

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64libwbclient-debuginfo< 4.15.5-100.el8rhgslibwbclient-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm
RedHat8x86_64samba-winbind-debuginfo< 4.15.5-100.el8rhgssamba-winbind-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm
RedHat8x86_64samba-common-tools< 4.15.5-100.el8rhgssamba-common-tools-4.15.5-100.el8rhgs.x86_64.rpm
RedHat8x86_64python3-samba< 4.15.5-100.el8rhgspython3-samba-4.15.5-100.el8rhgs.x86_64.rpm
RedHat8x86_64samba-client-debuginfo< 4.15.5-100.el8rhgssamba-client-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm
RedHat8x86_64libwbclient< 4.15.5-100.el8rhgslibwbclient-4.15.5-100.el8rhgs.x86_64.rpm
RedHat8x86_64samba-common-tools-debuginfo< 4.15.5-100.el8rhgssamba-common-tools-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm
RedHat8x86_64libtevent-debuginfo< 0.11.0-1.el8rhgslibtevent-debuginfo-0.11.0-1.el8rhgs.x86_64.rpm
RedHat8x86_64python3-talloc-debuginfo< 2.3.3-2.el8rhgspython3-talloc-debuginfo-2.3.3-2.el8rhgs.x86_64.rpm
RedHat8x86_64samba-debuginfo< 4.15.5-100.el8rhgssamba-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	libwbclient-debuginfo	< 4.15.5-100.el8rhgs	libwbclient-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm
RedHat	8	x86_64	samba-winbind-debuginfo	< 4.15.5-100.el8rhgs	samba-winbind-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm
RedHat	8	x86_64	samba-common-tools	< 4.15.5-100.el8rhgs	samba-common-tools-4.15.5-100.el8rhgs.x86_64.rpm
RedHat	8	x86_64	python3-samba	< 4.15.5-100.el8rhgs	python3-samba-4.15.5-100.el8rhgs.x86_64.rpm
RedHat	8	x86_64	samba-client-debuginfo	< 4.15.5-100.el8rhgs	samba-client-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm
RedHat	8	x86_64	libwbclient	< 4.15.5-100.el8rhgs	libwbclient-4.15.5-100.el8rhgs.x86_64.rpm
RedHat	8	x86_64	samba-common-tools-debuginfo	< 4.15.5-100.el8rhgs	samba-common-tools-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm
RedHat	8	x86_64	libtevent-debuginfo	< 0.11.0-1.el8rhgs	libtevent-debuginfo-0.11.0-1.el8rhgs.x86_64.rpm
RedHat	8	x86_64	python3-talloc-debuginfo	< 2.3.3-2.el8rhgs	python3-talloc-debuginfo-2.3.3-2.el8rhgs.x86_64.rpm
RedHat	8	x86_64	samba-debuginfo	< 4.15.5-100.el8rhgs	samba-debuginfo-4.15.5-100.el8rhgs.x86_64.rpm