Untriaged
Permalink
CVE-2023-3961
9.1 CRITICAL
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
Samba: smbd allows client access to unix domain sockets on the file system as root
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.
References
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-3961.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHBZ#2241881 issue-tracking x_refsource_REDHAT x_transferred
- https://bugzilla.samba.org/show_bug.cgi?id=15422 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
- https://www.samba.org/samba/security/CVE-2023-3961.html x_transferred
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry x_transferred
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2241881 issue-tracking x_refsource_REDHAT x_transferred
- https://bugzilla.samba.org/show_bug.cgi?id=15422 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
- https://www.samba.org/samba/security/CVE-2023-3961.html x_transferred
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://security.netapp.com/advisory/ntap-20231124-0002/
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2241881 issue-tracking x_refsource_REDHAT x_transferred
- https://bugzilla.samba.org/show_bug.cgi?id=15422 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
- https://www.samba.org/samba/security/CVE-2023-3961.html x_transferred
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2241881 issue-tracking x_refsource_REDHAT x_transferred
- https://bugzilla.samba.org/show_bug.cgi?id=15422 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
- https://www.samba.org/samba/security/CVE-2023-3961.html x_transferred
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2241881 issue-tracking x_refsource_REDHAT x_transferred
- https://bugzilla.samba.org/show_bug.cgi?id=15422 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
- https://www.samba.org/samba/security/CVE-2023-3961.html x_transferred
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2241881 issue-tracking x_refsource_REDHAT x_transferred
- https://bugzilla.samba.org/show_bug.cgi?id=15422 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
- https://www.samba.org/samba/security/CVE-2023-3961.html x_transferred
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry
- RHBZ#2241881 issue-tracking x_refsource_REDHAT
- https://bugzilla.samba.org/show_bug.cgi?id=15422
- https://www.samba.org/samba/security/CVE-2023-3961.html
- RHSA-2023:7408 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7464 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7467 x_refsource_REDHAT vendor-advisory x_transferred
- https://access.redhat.com/security/cve/CVE-2023-3961 x_refsource_REDHAT vdb-entry x_transferred
- RHBZ#2241881 issue-tracking x_refsource_REDHAT x_transferred
- https://bugzilla.samba.org/show_bug.cgi?id=15422 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
- https://www.samba.org/samba/security/CVE-2023-3961.html x_transferred
- RHSA-2023:6209 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:6744 x_refsource_REDHAT vendor-advisory x_transferred
- RHSA-2023:7371 x_refsource_REDHAT vendor-advisory x_transferred
Affected products
samba
- *
- ==4.18.8
- ==4.17.12
- ==4.19.1
samba4
Matching in nixpkgs
pkgs.samba4
Standard Windows interoperability suite of programs for Linux and Unix
-
nixos-unstable -
- nixpkgs-unstable 4.22.3
pkgs.sambaFull
Standard Windows interoperability suite of programs for Linux and Unix
-
nixos-unstable -
- nixpkgs-unstable 4.22.3
pkgs.samba4Full
Standard Windows interoperability suite of programs for Linux and Unix
-
nixos-unstable -
- nixpkgs-unstable 4.22.3
Package maintainers
-
@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
-
@jbedo Justin Bedő <cu@cua0.org>