(RHSA-2017:1950) Low: samba security, bug fix, and enhancement update

2017-08-0105:56:25

access.redhat.com

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

0.009 Low

EPSS

Percentile

82.1%

JSON

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

The following packages have been upgraded to a later upstream version: samba (4.6.2). (BZ#1391954)

Security Fix(es):

A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory. (CVE-2017-9461)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7ppc64lelibsmbclient-devel< 4.6.2-8.el7libsmbclient-devel-4.6.2-8.el7.ppc64le.rpm
RedHat7s390xsamba-libs< 4.6.2-8.el7samba-libs-4.6.2-8.el7.s390x.rpm
RedHat7ppc64libwbclient< 4.6.2-8.el7libwbclient-4.6.2-8.el7.ppc64.rpm
RedHat7aarch64samba-libs< 4.6.2-8.el7samba-libs-4.6.2-8.el7.aarch64.rpm
RedHat7x86_64samba-python< 4.6.2-8.el7samba-python-4.6.2-8.el7.x86_64.rpm
RedHat7x86_64libsmbclient-devel< 4.6.2-8.el7libsmbclient-devel-4.6.2-8.el7.x86_64.rpm
RedHat7ppc64lesamba-debuginfo< 4.6.2-8.el7samba-debuginfo-4.6.2-8.el7.ppc64le.rpm
RedHat7ppc64samba-test< 4.6.2-8.el7samba-test-4.6.2-8.el7.ppc64.rpm
RedHat7s390libwbclient-devel< 4.6.2-8.el7libwbclient-devel-4.6.2-8.el7.s390.rpm
RedHat7x86_64samba-test-libs< 4.6.2-8.el7samba-test-libs-4.6.2-8.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	ppc64le	libsmbclient-devel	< 4.6.2-8.el7	libsmbclient-devel-4.6.2-8.el7.ppc64le.rpm
RedHat	7	s390x	samba-libs	< 4.6.2-8.el7	samba-libs-4.6.2-8.el7.s390x.rpm
RedHat	7	ppc64	libwbclient	< 4.6.2-8.el7	libwbclient-4.6.2-8.el7.ppc64.rpm
RedHat	7	aarch64	samba-libs	< 4.6.2-8.el7	samba-libs-4.6.2-8.el7.aarch64.rpm
RedHat	7	x86_64	samba-python	< 4.6.2-8.el7	samba-python-4.6.2-8.el7.x86_64.rpm
RedHat	7	x86_64	libsmbclient-devel	< 4.6.2-8.el7	libsmbclient-devel-4.6.2-8.el7.x86_64.rpm
RedHat	7	ppc64le	samba-debuginfo	< 4.6.2-8.el7	samba-debuginfo-4.6.2-8.el7.ppc64le.rpm
RedHat	7	ppc64	samba-test	< 4.6.2-8.el7	samba-test-4.6.2-8.el7.ppc64.rpm
RedHat	7	s390	libwbclient-devel	< 4.6.2-8.el7	libwbclient-devel-4.6.2-8.el7.s390.rpm
RedHat	7	x86_64	samba-test-libs	< 4.6.2-8.el7	samba-test-libs-4.6.2-8.el7.x86_64.rpm