(RHSA-2023:7139) Moderate: samba security, bug fix, and enhancement update

2023-11-1408:46:27

access.redhat.com

samba

server message block

common internet file system

security fix

out-of-bounds read

infinite loop

type confusion

path disclosure

red hat enterprise linux

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

Low

EPSS

0.215

Percentile

96.5%

JSON

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

The following packages have been upgraded to a later upstream version: samba (4.18.6). (BZ#2190417)

Security Fix(es):

samba: out-of-bounds read in winbind AUTH_CRAP (CVE-2022-2127)
samba: infinite loop in mdssvc RPC service for spotlight (CVE-2023-34966)
samba: type confusion in mdssvc RPC service for spotlight (CVE-2023-34967)
samba: spotlight server-side share path disclosure (CVE-2023-34968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8i686libnetapi-debuginfo< 4.18.6-1.el8libnetapi-debuginfo-4.18.6-1.el8.i686.rpm
RedHat8s390xsamba-dc-libs-debuginfo< 4.18.6-1.el8samba-dc-libs-debuginfo-4.18.6-1.el8.s390x.rpm
RedHat8s390xctdb-debuginfo< 4.18.6-1.el8ctdb-debuginfo-4.18.6-1.el8.s390x.rpm
RedHat8aarch64evolution-mapi-debuginfo< 3.28.3-8.el8evolution-mapi-debuginfo-3.28.3-8.el8.aarch64.rpm
RedHat8ppc64lesamba-test-libs< 4.18.6-1.el8samba-test-libs-4.18.6-1.el8.ppc64le.rpm
RedHat8aarch64samba-krb5-printing-debuginfo< 4.18.6-1.el8samba-krb5-printing-debuginfo-4.18.6-1.el8.aarch64.rpm
RedHat8ppc64lepython3-samba< 4.18.6-1.el8python3-samba-4.18.6-1.el8.ppc64le.rpm
RedHat8ppc64lesamba-winbind-clients-debuginfo< 4.18.6-1.el8samba-winbind-clients-debuginfo-4.18.6-1.el8.ppc64le.rpm
RedHat8aarch64samba-vfs-iouring< 4.18.6-1.el8samba-vfs-iouring-4.18.6-1.el8.aarch64.rpm
RedHat8s390xpython3-samba-dc< 4.18.6-1.el8python3-samba-dc-4.18.6-1.el8.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	i686	libnetapi-debuginfo	< 4.18.6-1.el8	libnetapi-debuginfo-4.18.6-1.el8.i686.rpm
RedHat	8	s390x	samba-dc-libs-debuginfo	< 4.18.6-1.el8	samba-dc-libs-debuginfo-4.18.6-1.el8.s390x.rpm
RedHat	8	s390x	ctdb-debuginfo	< 4.18.6-1.el8	ctdb-debuginfo-4.18.6-1.el8.s390x.rpm
RedHat	8	aarch64	evolution-mapi-debuginfo	< 3.28.3-8.el8	evolution-mapi-debuginfo-3.28.3-8.el8.aarch64.rpm
RedHat	8	ppc64le	samba-test-libs	< 4.18.6-1.el8	samba-test-libs-4.18.6-1.el8.ppc64le.rpm
RedHat	8	aarch64	samba-krb5-printing-debuginfo	< 4.18.6-1.el8	samba-krb5-printing-debuginfo-4.18.6-1.el8.aarch64.rpm
RedHat	8	ppc64le	python3-samba	< 4.18.6-1.el8	python3-samba-4.18.6-1.el8.ppc64le.rpm
RedHat	8	ppc64le	samba-winbind-clients-debuginfo	< 4.18.6-1.el8	samba-winbind-clients-debuginfo-4.18.6-1.el8.ppc64le.rpm
RedHat	8	aarch64	samba-vfs-iouring	< 4.18.6-1.el8	samba-vfs-iouring-4.18.6-1.el8.aarch64.rpm
RedHat	8	s390x	python3-samba-dc	< 4.18.6-1.el8	python3-samba-dc-4.18.6-1.el8.s390x.rpm