Lucene search

CentOS ProjectCESA-2021:2313

HistoryJun 14, 2021 - 6:37 p.m.

ctdb, libsmbclient, libwbclient, samba security update

2021-06-1418:37:00

CentOS Project

lists.centos.org

617

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

4.9 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

74.0%

JSON

CentOS Errata and Security Advisory CESA-2021:2313

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

smb.service stops when samba rpms are updated (BZ#1930747)
samba printing dumps core (BZ#1937867)

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2021-June/086110.html

Affected packages:
ctdb
ctdb-tests
libsmbclient
libsmbclient-devel
libwbclient
libwbclient-devel
samba
samba-client
samba-client-libs
samba-common
samba-common-libs
samba-common-tools
samba-dc
samba-dc-libs
samba-devel
samba-krb5-printing
samba-libs
samba-pidl
samba-python
samba-python-test
samba-test
samba-test-libs
samba-vfs-glusterfs
samba-winbind
samba-winbind-clients
samba-winbind-krb5-locator
samba-winbind-modules

Upstream details at:
https://access.redhat.com/errata/RHSA-2021:2313

OSVersionArchitecturePackageVersionFilename
CentOS7x86_64ctdb< 4.10.16-15.el7_9ctdb-4.10.16-15.el7_9.x86_64.rpm
CentOS7x86_64ctdb-tests< 4.10.16-15.el7_9ctdb-tests-4.10.16-15.el7_9.x86_64.rpm
CentOS7i686libsmbclient< 4.10.16-15.el7_9libsmbclient-4.10.16-15.el7_9.i686.rpm
CentOS7x86_64libsmbclient< 4.10.16-15.el7_9libsmbclient-4.10.16-15.el7_9.x86_64.rpm
CentOS7i686libsmbclient-devel< 4.10.16-15.el7_9libsmbclient-devel-4.10.16-15.el7_9.i686.rpm
CentOS7x86_64libsmbclient-devel< 4.10.16-15.el7_9libsmbclient-devel-4.10.16-15.el7_9.x86_64.rpm
CentOS7i686libwbclient< 4.10.16-15.el7_9libwbclient-4.10.16-15.el7_9.i686.rpm
CentOS7x86_64libwbclient< 4.10.16-15.el7_9libwbclient-4.10.16-15.el7_9.x86_64.rpm
CentOS7i686libwbclient-devel< 4.10.16-15.el7_9libwbclient-devel-4.10.16-15.el7_9.i686.rpm
CentOS7x86_64libwbclient-devel< 4.10.16-15.el7_9libwbclient-devel-4.10.16-15.el7_9.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	7	x86_64	ctdb	< 4.10.16-15.el7_9	ctdb-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	x86_64	ctdb-tests	< 4.10.16-15.el7_9	ctdb-tests-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	i686	libsmbclient	< 4.10.16-15.el7_9	libsmbclient-4.10.16-15.el7_9.i686.rpm
CentOS	7	x86_64	libsmbclient	< 4.10.16-15.el7_9	libsmbclient-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	i686	libsmbclient-devel	< 4.10.16-15.el7_9	libsmbclient-devel-4.10.16-15.el7_9.i686.rpm
CentOS	7	x86_64	libsmbclient-devel	< 4.10.16-15.el7_9	libsmbclient-devel-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	i686	libwbclient	< 4.10.16-15.el7_9	libwbclient-4.10.16-15.el7_9.i686.rpm
CentOS	7	x86_64	libwbclient	< 4.10.16-15.el7_9	libwbclient-4.10.16-15.el7_9.x86_64.rpm
CentOS	7	i686	libwbclient-devel	< 4.10.16-15.el7_9	libwbclient-devel-4.10.16-15.el7_9.i686.rpm
CentOS	7	x86_64	libwbclient-devel	< 4.10.16-15.el7_9	libwbclient-devel-4.10.16-15.el7_9.x86_64.rpm