History: Jul 15, 2024 - 8:46 a.m.

Advisory ROSA-SA-2024-2450

2024-07-15 08:46:32
ROSA LAB
abf.rosalinux.ru
8
samba 4.12.3
vulnerability
smb1 authentication
ldap server
denial of service
rosa virtualization 2.1
cve-2016-2124
cve-2018-14628
cve-2018-14629
cve-2018-16841
cve-2018-16851
cve-2018-16852
cve-2018-16853
cve-2018-16857
cve-2018-16860
cve-2020-17049

CVSS2: 9
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3: 8.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.4
Confidence: High

EPSS: 0.042
Percentile: 92.4%

Software: samba 4.12.3
OS: ROSA Virtualization 2.1

package_evr_string: samba-4.12.3

CVE-ID: CVE-2016-2124
BDU-ID: 2021-05993
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability was discovered in the way Samba implemented SMB1 authentication. An attacker could use this vulnerability to extract the plaintext password sent over the network, even if Kerberos authentication was required.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2018-14628
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: An information leakage vulnerability has been discovered in the Samba LDAP server. Due to the lack of access control checks, an authenticated but unprivileged attacker could discover the names and stored attributes of remote objects in the LDAP store.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2018-14629
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A denial of service vulnerability has been discovered in the Samba LDAP server. A CNAME loop could lead to infinite recursion on the server. An unprivileged local attacker could create such an entry, resulting in a denial of service.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2018-16841
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Samba is vulnerable to denial of service. When configured to accept smartcard authentication, the Samba KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is resistant to further corruption from the double free: talloc_free() detects it and directly calls abort(), terminating the KDC process.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2018-16851
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Samba is vulnerable to denial of service. During LDAP search processing, before the Samba AD domain controller returns LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256 MB. When this size is reached, the Samba process providing the LDAP service will dereference a NULL pointer, terminating the process. There are no other vulnerabilities associated with this issue, only a denial of service.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2018-16852
BDU-ID: 2020-00695
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the DNS zone processing component of the Samba server is related to a NULL pointer dereference. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2018-16853
BDU-ID: 2020-00696
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the MIT Kerberos build of the Samba AD DC is related to uncontrolled consumption of system resources. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2018-16857
BDU-ID: 2020-00697
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the AD DC configuration of the Samba networking software is related to the incorrect implementation of security checks for standard system elements. Exploitation of the vulnerability could allow a remote attacker to affect the integrity of information.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2018-16860
BDU-ID: 2019-01870
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Heimdal implementation of the Kerberos 5 protocol in the Samba networking software package is due to errors in the implementation of security checks for standard elements. Exploitation of the vulnerability could allow a remote attacker to disclose protected information or cause a denial of service.
CVE-STATUS: Not Current
CVE-REV:

CVE-ID: CVE-2020-17049
BDU-ID: 2020-0532
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Kerberos KDC component of Windows operating systems is related to access control weaknesses. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and gain unauthorized access to the application.
CVE-STATUS: Not Applicable
CVE-REV:

CVE-ID: CVE-2020-25717
BDU-ID: 2021-06022
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the MachineAccountQuota domain account creation functionality of the Samba networking software is related to the ability to create accounts with elevated permissions. Exploitation of the vulnerability could allow a remote attacker to escalate their privileges.
CVE-STATUS: Not Relevant
CVE-REV:

CVE-ID: CVE-2020-25718
BDU-ID: 2021-05958
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the MIT Kerberos build of the Samba AD DC is related to the ability to support RODC functionality. Exploitation of the vulnerability could allow a remote attacker to elevate their privileges.
CVE-STATUS: Not Applicable
CVE-REV:

CVE-ID: CVE-2020-25719
BDU-ID: 2022-05701
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Samba networking software package is related to flaws in the authentication procedure. Exploitation of the vulnerability allows a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service.
CVE-STATUS: Not Current
CVE-REV:

OS | Version | Architecture | Package | Version | Filename
ROSA | any | noarch | samba | < 4.12.3 | UNKNOWN
