Suggestions search

All statuses

Filter by:

With package: samba4Full

Found 16 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2023-34966

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months, 1 week ago

Samba: infinite loop in mdssvc rpc service for spotlight

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.

References

https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-34966 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20230731-0010/ x_transferred
https://www.debian.org/security/2023/dsa-5477 x_transferred
https://www.samba.org/samba/security/CVE-2023-34966 x_transferred
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-34966 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20230731-0010/ x_transferred
https://www.debian.org/security/2023/dsa-5477 x_transferred
https://www.samba.org/samba/security/CVE-2023-34966 x_transferred
https://www.debian.org/security/2023/dsa-5477
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20230731-0010/
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-34966 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20230731-0010/ x_transferred
https://www.debian.org/security/2023/dsa-5477 x_transferred
https://www.samba.org/samba/security/CVE-2023-34966 x_transferred
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://www.samba.org/samba/security/CVE-2023-34966
RHBZ#2222793 issue-tracking x_refsource_REDHAT x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20230731-0010/ x_transferred
https://www.debian.org/security/2023/dsa-5477 x_transferred
https://www.samba.org/samba/security/CVE-2023-34966 x_transferred
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-34966 x_transferred x_refsource_REDHAT vdb-entry
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-34966 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20230731-0010/ x_transferred
https://www.debian.org/security/2023/dsa-5477 x_transferred
https://www.samba.org/samba/security/CVE-2023-34966 x_transferred
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-34966 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20230731-0010/ x_transferred
https://www.debian.org/security/2023/dsa-5477 x_transferred
https://www.samba.org/samba/security/CVE-2023-34966 x_transferred
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34966 x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT
https://www.samba.org/samba/security/CVE-2023-34966
RHSA-2023:6667 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7139 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0423 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:0580 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4101 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-34966 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2222793 issue-tracking x_refsource_REDHAT x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20230731-0010/ x_transferred
https://www.debian.org/security/2023/dsa-5477 x_transferred
https://www.samba.org/samba/security/CVE-2023-34966 x_transferred

Affected products

samba

==4.17.10
==4.16.11
*
==4.18.5

samba4

Matching in nixpkgs

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.sambamba

SAM/BAM processing tool

nixos-unstable -
- nixpkgs-unstable 1.0.1

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

Package maintainers

@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>

Untriaged

Permalink CVE-2023-5568

5.9 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): HIGH

created 6 months, 1 week ago

Heap buffer overflow with freshness tokens in the heimdal kdc

A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.

References

https://www.samba.org/samba/history/samba-4.19.2.html
https://access.redhat.com/security/cve/CVE-2023-5568 x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15491
https://security.netapp.com/advisory/ntap-20231124-0007/
https://bugzilla.samba.org/show_bug.cgi?id=15491
https://security.netapp.com/advisory/ntap-20231124-0007/
https://www.samba.org/samba/history/samba-4.19.2.html
https://access.redhat.com/security/cve/CVE-2023-5568 x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-5568 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15491 x_transferred
https://security.netapp.com/advisory/ntap-20231124-0007/ x_transferred
https://www.samba.org/samba/history/samba-4.19.2.html x_transferred
https://access.redhat.com/security/cve/CVE-2023-5568 x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15491
https://security.netapp.com/advisory/ntap-20231124-0007/
https://www.samba.org/samba/history/samba-4.19.2.html
https://access.redhat.com/security/cve/CVE-2023-5568 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15491 x_transferred
https://security.netapp.com/advisory/ntap-20231124-0007/ x_transferred
https://www.samba.org/samba/history/samba-4.19.2.html x_transferred
https://access.redhat.com/security/cve/CVE-2023-5568 x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15491
https://www.samba.org/samba/history/samba-4.19.2.html
https://access.redhat.com/security/cve/CVE-2023-5568 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15491 x_transferred
https://security.netapp.com/advisory/ntap-20231124-0007/ x_transferred
https://www.samba.org/samba/history/samba-4.19.2.html x_transferred
https://access.redhat.com/security/cve/CVE-2023-5568 x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15491
https://www.samba.org/samba/history/samba-4.19.2.html
https://access.redhat.com/security/cve/CVE-2023-5568 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15491 x_transferred
https://security.netapp.com/advisory/ntap-20231124-0007/ x_transferred
https://www.samba.org/samba/history/samba-4.19.2.html x_transferred
https://access.redhat.com/security/cve/CVE-2023-5568 x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15491
https://www.samba.org/samba/history/samba-4.19.2.html
https://access.redhat.com/security/cve/CVE-2023-5568 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2245174 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15491 x_transferred
https://security.netapp.com/advisory/ntap-20231124-0007/ x_transferred
https://www.samba.org/samba/history/samba-4.19.2.html x_transferred

Affected products

samba

==4.19.2

Matching in nixpkgs

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.sambamba

SAM/BAM processing tool

nixos-unstable -
- nixpkgs-unstable 1.0.1

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

Package maintainers

@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>

Untriaged

Permalink CVE-2023-4091

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): HIGH
Availability impact (A): NONE

created 6 months, 1 week ago

Samba: smb clients can truncate files with read-only permissions

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions.

References

RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4091.html
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://www.samba.org/samba/security/CVE-2023-4091.html
https://security.netapp.com/advisory/ntap-20231124-0002/
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4091.html
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4091.html
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4091.html
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4091.html
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4091 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15439 x_transferred
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-4091.html x_transferred
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4091.html
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4091 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15439 x_transferred
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-4091.html x_transferred
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4091.html
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4091 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15439 x_transferred
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-4091.html x_transferred
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://www.samba.org/samba/security/CVE-2023-4091.html
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-4091.html x_transferred
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4091 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15439 x_transferred
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://www.samba.org/samba/security/CVE-2023-4091.html
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4091 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15439 x_transferred
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-4091.html x_transferred
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://www.samba.org/samba/security/CVE-2023-4091.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-4091.html x_transferred
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4091 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15439 x_transferred
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15439
https://www.samba.org/samba/security/CVE-2023-4091.html
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4091 x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT
RHSA-2023:6209 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:6744 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7371 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7408 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7464 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2023:7467 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4091 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241882 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15439 x_transferred
https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-4091.html x_transferred

Affected products

samba

*
==4.18.8
==4.17.12
==4.19.1

samba4

Matching in nixpkgs

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.sambamba

SAM/BAM processing tool

nixos-unstable -
- nixpkgs-unstable 1.0.1

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

Package maintainers

@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>

Untriaged

Permalink CVE-2023-4154

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months, 1 week ago

Samba: ad dc password exposure to privileged users and rodcs

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence.

References

https://bugzilla.samba.org/show_bug.cgi?id=15424
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4154.html
https://access.redhat.com/security/cve/CVE-2023-4154 x_refsource_REDHAT vdb-entry
RHBZ#2241883 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4154 x_refsource_REDHAT vdb-entry
RHBZ#2241883 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15424
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-4154.html
https://access.redhat.com/security/cve/CVE-2023-4154 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241883 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15424 x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-4154.html x_transferred

Affected products

samba

==4.18.8
==4.17.12
==4.19.1

samba4

Matching in nixpkgs

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.sambamba

SAM/BAM processing tool

nixos-unstable -
- nixpkgs-unstable 1.0.1

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

Package maintainers

@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>

Untriaged

Permalink CVE-2023-42670

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months, 1 week ago

Ad dc busy rpc multiple listener dos

A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation "classic DCs") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as "The procedure number is out of range" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services.

References

https://access.redhat.com/security/cve/CVE-2023-42670 x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15473
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-42670.html
https://access.redhat.com/security/cve/CVE-2023-42670 x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15473
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-42670.html
https://access.redhat.com/security/cve/CVE-2023-42670 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15473 x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-42670.html x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15473
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://security.netapp.com/advisory/ntap-20231124-0002/
https://www.samba.org/samba/security/CVE-2023-42670.html
https://access.redhat.com/security/cve/CVE-2023-42670 x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-42670 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15473 x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-42670.html x_transferred
https://www.samba.org/samba/security/CVE-2023-42670.html
https://access.redhat.com/security/cve/CVE-2023-42670 x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15473
https://access.redhat.com/security/cve/CVE-2023-42670 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15473 x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-42670.html x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15473
https://www.samba.org/samba/security/CVE-2023-42670.html
https://access.redhat.com/security/cve/CVE-2023-42670 x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-42670 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15473 x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-42670.html x_transferred
RHBZ#2241885 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15473
https://www.samba.org/samba/security/CVE-2023-42670.html
https://access.redhat.com/security/cve/CVE-2023-42670 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2023-42670 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15473 x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-42670.html x_transferred
https://access.redhat.com/security/cve/CVE-2023-42670 x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT
https://bugzilla.samba.org/show_bug.cgi?id=15473
https://www.samba.org/samba/security/CVE-2023-42670.html
https://access.redhat.com/security/cve/CVE-2023-42670 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2241885 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.samba.org/show_bug.cgi?id=15473 x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://security.netapp.com/advisory/ntap-20231124-0002/ x_transferred
https://www.samba.org/samba/security/CVE-2023-42670.html x_transferred

Affected products

samba

==4.18.8
==4.17.12
<4.17.12
<4.18.8
==4.19.0
==4.19.1

samba4

Matching in nixpkgs

pkgs.samba4

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.sambamba

SAM/BAM processing tool

nixos-unstable -
- nixpkgs-unstable 1.0.1

pkgs.sambaFull

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

pkgs.samba4Full

Standard Windows interoperability suite of programs for Linux and Unix

nixos-unstable -
- nixpkgs-unstable 4.22.3

Package maintainers

@aneeshusa Aneesh Agrawal <aneeshusa@gmail.com>
@jbedo Justin Bedő <cu@cua0.org>

Untriaged

Permalink CVE-2023-3961

9.1 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months, 1 week ago

Samba: smbd allows client access to unix domain sockets on the file system as root

A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.