Description
Security update for samba
This update for samba fixes the following issues:
- CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user's password (bsc#1206546).
- CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure channel (bsc#1206504).
- CVE-2022-37966: Fixed an issue where a weak cipher would be selected to encrypt session keys, which could lead to privilege escalation (bsc#1205385).
- CVE-2020-14323: Fixed a denial of service in winbindd (bsc#1173994).
- CVE-2022-32742: Fixed incorrect length check in SMB1write, SMB1write_and_close, SMB1write_and_unlock (bsc#1201496).
Package list
SUSE Linux Enterprise Server 12 SP2-BCL
References
- Link for SUSE-SU-2023:0122-1
- E-Mail link for SUSE-SU-2023:0122-1
- SUSE Security Ratings
- SUSE Bug 1173994
- SUSE Bug 1201496
- SUSE Bug 1205385
- SUSE Bug 1206504
- SUSE Bug 1206546
- SUSE CVE CVE-2020-14323 page
- SUSE CVE CVE-2021-20251 page
- SUSE CVE CVE-2022-32742 page
- SUSE CVE CVE-2022-37966 page
- SUSE CVE CVE-2022-38023 page
Description
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
Affected products
References
- CVE-2020-14323
- SUSE Bug 1173994
Description
A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.
Affected products
References
- CVE-2021-20251
- SUSE Bug 1206546
- SUSE Bug 1208433
- SUSE Bug 1209325
- SUSE Bug 1209664
Description
A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).
Affected products
References
- CVE-2022-32742
- SUSE Bug 1201496
- SUSE Bug 1202815
Description
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
Affected products
References
- CVE-2022-37966
- SUSE Bug 1205385
- SUSE Bug 1208347
- SUSE Bug 1208433
- SUSE Bug 1209664
Description
Netlogon RPC Elevation of Privilege Vulnerability
Affected products
References
- CVE-2022-38023
- SUSE Bug 1206504
- SUSE Bug 1209664
- SUSE Bug 1213694