samba: Flaws in Kerberos PAC validation can trigger privilege elevation

🗓️ 23 Mar 2017 05:18:26Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 4 Views

Flaw in Samba Kerberos PAC checksum validation allows authenticated attackers to crash winbindd.

Reporter	Title	Published	Views	Family All 144
ALT Linux	Security fix for the ALT Linux 8 package samba version 4.5.3-alt1	19 Dec 201600:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 7 package samba-DC version 4.5.3-alt1.M70P.1	19 Dec 201600:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 7 package samba version 4.5.3-alt1.M70P.1	19 Dec 201600:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package samba version 4.5.3-alt1.S1	19 Dec 201600:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 8 package samba-DC version 4.5.3-alt1	19 Dec 201600:00	–	altlinux
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Open Source OpenSSL and Samba affects IBM Netezza Host Management	18 Oct 201903:10	–	ibm
IBM Security Bulletins	Security Bulletin: Samba vulnerability issue on IBM Storwize V7000 Unified (CVE-2016-2125, CVE-2016-2126)	18 Jun 201800:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server in Bluemix	15 Jun 201807:07	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Open Source NTP and ISC BIND affect IBM Netezza Host Management	18 Oct 201903:10	–	ibm
IBM Security Bulletins	Security Bulletin: Samba vulnerability issue on IBM SONAS (CVE-2016-2125, CVE-2016-2126 )	18 Jun 201800:32	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	7	x86_64	ctdb	0:4.4.6-4.el7rhgs	ctdb-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	ctdb-tests	0:4.4.6-4.el7rhgs	ctdb-tests-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	libsmbclient	0:4.4.6-4.el7rhgs	libsmbclient-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	libsmbclient-devel	0:4.4.6-4.el7rhgs	libsmbclient-devel-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	libwbclient	0:4.4.6-4.el7rhgs	libwbclient-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	libwbclient-devel	0:4.4.6-4.el7rhgs	libwbclient-devel-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	samba	0:4.4.6-4.el7rhgs	samba-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	samba-client	0:4.4.6-4.el7rhgs	samba-client-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	samba-client-libs	0:4.4.6-4.el7rhgs	samba-client-libs-0:4.4.6-4.el7rhgs.x86_64.rpm
Red Hat Enterprise Linux	7	any	samba-common	0:4.4.6-4.el7rhgs.noarch	samba-common-0:4.4.6-4.el7rhgs.noarch.noarch.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2016-2126
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-2126
cve	www.cve.org/CVERecord
samba	www.samba.org/samba/security/CVE-2016-2126.html

13 May 2026 01:52Current

7.1High risk

Vulners AI Score7.1

CVSS 24

CVSS 3.16.5

EPSS0.04506

Samba Kerberos Checksum validation Winbindd crash Privilege elevation