Advisory ROSA-SA-2024-2451

2024-07-15 09:04:20
ROSA LAB
abf.rosalinux.ru
Tags: samba, vulnerabilities, buffer overflow, remote execution, file system, confidentiality, integrity, metadata, dce/rpc, ldap, denial of service, ad dc rpc, vfs module, kdc kpasswd service, authentication procedure

CVSS2: 9
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3: 9.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 8.1
Confidence: High

EPSS: 0.18
Percentile: 96.3%

Software: samba 4.12.3
OS: ROSA Virtualization 2.1

package_evr_string: samba-4.12.3

CVE-ID: CVE-2020-25722
BDU-ID: 2022-00004
CVE-Crit: CRITICAL
CVE-DESC.: A vulnerability in the Active Directory Domain Controller component of the Samba networking software package is caused by a buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2021-20254
BDU-ID: 2021-03130
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Samba file system involves reading beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality and integrity of protected information.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2021-20316
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability has been discovered in the way Samba handles file/directory metadata. This vulnerability allows an authenticated attacker with permissions to read or modify share metadata to perform this operation outside of the share.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2021-23192
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: A bug was discovered in Samba's implementation of DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request and decided to fragment it, an attacker could replace subsequent fragments with their own data, bypassing the signature requirements.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2021-3670
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: MaxQueryDuration is not honoured by the Samba AD DC LDAP server.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2021-3671
BDU-ID: 2022-06245
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Samba networking software package is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2021-3738
BDU-ID: 2021-06224
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the AD DC RPC server service of the Samba software is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or escalate their privileges.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2021-44141
BDU-ID: 2022-00685
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Samba network file system involves improper link resolution before file access. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information by creating a symbolic link.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2021-44142
BDU-ID: 2022-00579
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the VFS module vfs_fruit of the Samba networking software package is related to writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2022-0336
BDU-ID: 2022-00684
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Samba network file system is related to insufficient data authentication. Exploitation of the vulnerability could allow an attacker to cause a denial of service condition.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2022-2031
BDU-ID: 2022-05290
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the KDC kpasswd service of the Samba networking software suite is related to flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges on the system.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2022-32744
BDU-ID: 2022-04687
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Samba network file system involves errors in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to change the password of an arbitrary user and gain full access to the account.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2022-32746
BDU-ID: 2022-04911
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Active Directory/DC database audit logging module of the Samba networking software package is related to the use of memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2022-3437
BDU-ID: 2022-06493
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the unwrap_des() and unwrap_des3() functions of the Heimdal package GSSAPI library of the Samba networking program is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2022-42898
BDU-ID: 2022-06933
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the PAC (Privileged Attribute Certificate) parameters of the krb5_parse_pac function of the Heimdal and MIT Kerberos packages of the Samba networking program is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2022-45141
BDU-ID: 2023-00022
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Heimdal Kerberos protocol implementation of the Samba networking software suite is related to the use of the RC4-HMAC cryptographic algorithm. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2023-0614
BDU-ID: 2023-02012
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Samba networking software package is related to a lack of service data protection. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2023-0922
BDU-ID: 2023-02011
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the samba-tool utility of the Samba networking software suite is related to the transmission of credentials in unencrypted form when working with an LDAP server. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to the device.
CVE-STATUS: Not Applicable
CVE-REV:

OS    Version  Architecture  Package  Version   Filename
ROSA  any      noarch        samba    < 4.12.3  UNKNOWN
