(RHSA-2024:0423) Moderate: samba security update

2024-01-2414:40:29

access.redhat.com

samba

security fix

smb protocol

cifs protocol

out-of-bounds read

infinite loop

type confusion

server-side share path disclosure

gnutls gnutls_rnd()

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

Low

EPSS

0.215

Percentile

96.5%

JSON

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

samba: out-of-bounds read in winbind AUTH_CRAP (CVE-2022-2127)
samba: infinite loop in mdssvc RPC service for spotlight (CVE-2023-34966)
samba: type confusion in mdssvc RPC service for spotlight (CVE-2023-34967)
samba: spotlight server-side share path disclosure (CVE-2023-34968)
samba: GnuTLS gnutls_rnd() can fail and give predictable random values (CVE-2022-1615)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8x86_64samba-debugsource< 4.15.5-15.el8_6samba-debugsource-4.15.5-15.el8_6.x86_64.rpm
RedHat8ppc64lesamba-winbind-debuginfo< 4.15.5-15.el8_6samba-winbind-debuginfo-4.15.5-15.el8_6.ppc64le.rpm
RedHat8i686samba-libs-debuginfo< 4.15.5-15.el8_6samba-libs-debuginfo-4.15.5-15.el8_6.i686.rpm
RedHat8x86_64samba-winbind-modules< 4.15.5-15.el8_6samba-winbind-modules-4.15.5-15.el8_6.x86_64.rpm
RedHat8i686samba-debuginfo< 4.15.5-15.el8_6samba-debuginfo-4.15.5-15.el8_6.i686.rpm
RedHat8i686samba-common-tools-debuginfo< 4.15.5-15.el8_6samba-common-tools-debuginfo-4.15.5-15.el8_6.i686.rpm
RedHat8s390xlibsmbclient< 4.15.5-15.el8_6libsmbclient-4.15.5-15.el8_6.s390x.rpm
RedHat8aarch64python3-samba-debuginfo< 4.15.5-15.el8_6python3-samba-debuginfo-4.15.5-15.el8_6.aarch64.rpm
RedHat8i686samba-winbind-krb5-locator-debuginfo< 4.15.5-15.el8_6samba-winbind-krb5-locator-debuginfo-4.15.5-15.el8_6.i686.rpm
RedHat8aarch64samba-test-libs< 4.15.5-15.el8_6samba-test-libs-4.15.5-15.el8_6.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	x86_64	samba-debugsource	< 4.15.5-15.el8_6	samba-debugsource-4.15.5-15.el8_6.x86_64.rpm
RedHat	8	ppc64le	samba-winbind-debuginfo	< 4.15.5-15.el8_6	samba-winbind-debuginfo-4.15.5-15.el8_6.ppc64le.rpm
RedHat	8	i686	samba-libs-debuginfo	< 4.15.5-15.el8_6	samba-libs-debuginfo-4.15.5-15.el8_6.i686.rpm
RedHat	8	x86_64	samba-winbind-modules	< 4.15.5-15.el8_6	samba-winbind-modules-4.15.5-15.el8_6.x86_64.rpm
RedHat	8	i686	samba-debuginfo	< 4.15.5-15.el8_6	samba-debuginfo-4.15.5-15.el8_6.i686.rpm
RedHat	8	i686	samba-common-tools-debuginfo	< 4.15.5-15.el8_6	samba-common-tools-debuginfo-4.15.5-15.el8_6.i686.rpm
RedHat	8	s390x	libsmbclient	< 4.15.5-15.el8_6	libsmbclient-4.15.5-15.el8_6.s390x.rpm
RedHat	8	aarch64	python3-samba-debuginfo	< 4.15.5-15.el8_6	python3-samba-debuginfo-4.15.5-15.el8_6.aarch64.rpm
RedHat	8	i686	samba-winbind-krb5-locator-debuginfo	< 4.15.5-15.el8_6	samba-winbind-krb5-locator-debuginfo-4.15.5-15.el8_6.i686.rpm
RedHat	8	aarch64	samba-test-libs	< 4.15.5-15.el8_6	samba-test-libs-4.15.5-15.el8_6.aarch64.rpm