Lucene search

RedHatRHSA-2023:6667

HistoryNov 07, 2023 - 6:11 a.m.

(RHSA-2023:6667) Moderate: samba security, bug fix, and enhancement update

2023-11-0706:11:31

access.redhat.com

samba

server message block

cifs

upstream version

security fix

cve-2022-2127

cve-2023-34966

cve-2023-34967

cve-2023-34968

red hat enterprise linux 9.3

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

The following packages have been upgraded to a later upstream version: samba (4.18.6). (BZ#2190415)

Security Fix(es):

samba: out-of-bounds read in winbind AUTH_CRAP (CVE-2022-2127)
samba: infinite loop in mdssvc RPC service for spotlight (CVE-2023-34966)
samba: type confusion in mdssvc RPC service for spotlight (CVE-2023-34967)
samba: spotlight server-side share path disclosure (CVE-2023-34968)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9aarch64samba-winbind-krb5-locator-debuginfo< 4.18.6-100.el9samba-winbind-krb5-locator-debuginfo-4.18.6-100.el9.aarch64.rpm
RedHat9aarch64libnetapi-debuginfo< 4.18.6-100.el9libnetapi-debuginfo-4.18.6-100.el9.aarch64.rpm
RedHat9x86_64openchange-debuginfo< 2.3-41.el9openchange-debuginfo-2.3-41.el9.x86_64.rpm
RedHat9ppc64lesamba-dcerpc< 4.18.6-100.el9samba-dcerpc-4.18.6-100.el9.ppc64le.rpm
RedHat9x86_64samba-common-tools< 4.18.6-100.el9samba-common-tools-4.18.6-100.el9.x86_64.rpm
RedHat9ppc64leevolution-mapi< 3.40.1-6.el9evolution-mapi-3.40.1-6.el9.ppc64le.rpm
RedHat9s390xsamba-dcerpc-debuginfo< 4.18.6-100.el9samba-dcerpc-debuginfo-4.18.6-100.el9.s390x.rpm
RedHat9x86_64samba-libs-debuginfo< 4.18.6-100.el9samba-libs-debuginfo-4.18.6-100.el9.x86_64.rpm
RedHat9ppc64lesamba-client-libs< 4.18.6-100.el9samba-client-libs-4.18.6-100.el9.ppc64le.rpm
RedHat9x86_64samba-devel< 4.18.6-100.el9samba-devel-4.18.6-100.el9.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	aarch64	samba-winbind-krb5-locator-debuginfo	< 4.18.6-100.el9	samba-winbind-krb5-locator-debuginfo-4.18.6-100.el9.aarch64.rpm
RedHat	9	aarch64	libnetapi-debuginfo	< 4.18.6-100.el9	libnetapi-debuginfo-4.18.6-100.el9.aarch64.rpm
RedHat	9	x86_64	openchange-debuginfo	< 2.3-41.el9	openchange-debuginfo-2.3-41.el9.x86_64.rpm
RedHat	9	ppc64le	samba-dcerpc	< 4.18.6-100.el9	samba-dcerpc-4.18.6-100.el9.ppc64le.rpm
RedHat	9	x86_64	samba-common-tools	< 4.18.6-100.el9	samba-common-tools-4.18.6-100.el9.x86_64.rpm
RedHat	9	ppc64le	evolution-mapi	< 3.40.1-6.el9	evolution-mapi-3.40.1-6.el9.ppc64le.rpm
RedHat	9	s390x	samba-dcerpc-debuginfo	< 4.18.6-100.el9	samba-dcerpc-debuginfo-4.18.6-100.el9.s390x.rpm
RedHat	9	x86_64	samba-libs-debuginfo	< 4.18.6-100.el9	samba-libs-debuginfo-4.18.6-100.el9.x86_64.rpm
RedHat	9	ppc64le	samba-client-libs	< 4.18.6-100.el9	samba-client-libs-4.18.6-100.el9.ppc64le.rpm
RedHat	9	x86_64	samba-devel	< 4.18.6-100.el9	samba-devel-4.18.6-100.el9.x86_64.rpm