SUSE-SU-2023:0160-1

Published: 26 Jan 2023
Source: suse-cvrf

Description

Security update for samba

This update for samba fixes the following issues:

  • CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user's password (bsc#1206546).

  • Updated to version 4.15.13:

    • CVE-2022-37966: Fixed an issue where a weak cipher would be selected to encrypt session keys, which could lead to privilege escalation (bsc#1205385).
    • CVE-2022-37967: Fixed a potential privilege escalation issue via constrained delegation due to a weak cryptographic algorithm being selected (bsc#1205386).
    • CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure channel (bsc#1206504).
  • Updated to version 4.15.12:

    • CVE-2022-42898: Fixed several buffer overflow vulnerabilities on 32-bit systems (bsc#1205126).
  • Updated to version 4.15.11:

    • CVE-2022-3437: Fixed a buffer overflow in Heimdal unwrap_des3() (bsc#1204254).
  • Updated to version 4.15.10:

    • Fixed a potential crash due to a concurrency issue (bsc#1200102).
  • Updated to version 4.15.9:

    • CVE-2022-32742: Fixed an information leak that could be triggered via SMB1 (bsc#1201496).
    • CVE-2022-32746: Fixed a memory corruption issue in database audit logging (bsc#1201490).
    • CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords (bsc#1201495).
    • CVE-2022-32745: Fixed a remote server crash that could be triggered with certain LDAP requests (bsc#1201492).
    • CVE-2022-32744: Fixed an issue where AD users could have forged password change requests on behalf of other users (bsc#1201493).

Other fixes:

  • Fixed a problem when using bind as samba-ad-dc backend related to the named service (bsc#1201689).

Package list

Image SLES15-SP4
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-BYOS
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-BYOS-Azure
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-BYOS-EC2
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-BYOS-GCE
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-CHOST-BYOS
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-CHOST-BYOS-Aliyun
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-CHOST-BYOS-Azure
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-CHOST-BYOS-EC2
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-CHOST-BYOS-GCE
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-CHOST-BYOS-SAP-CCloud
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-EC2
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-EC2-ECS-HVM
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-GCE
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-HPC
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-HPC-Azure
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-HPC-BYOS
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-HPC-BYOS-Azure
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-HPC-BYOS-EC2
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-HPC-BYOS-GCE
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-HPC-EC2
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-HPC-GCE
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Hardened-BYOS
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Hardened-BYOS-Azure
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Hardened-BYOS-EC2
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Hardened-BYOS-GCE
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Azure
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-BYOS
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-BYOS-Azure
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-BYOS-EC2
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-BYOS-GCE
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-EC2
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-GCE
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Hardened
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Hardened-Azure
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Hardened-BYOS
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Hardened-EC2
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAP-Hardened-GCE
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAPCAL
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAPCAL-Azure
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAPCAL-EC2
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-SAPCAL-GCE
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
SUSE Linux Enterprise High Availability Extension 15 SP4
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
SUSE Linux Enterprise Micro 5.3
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
libsamba-policy-devel-4.15.13+git.591.ab36624310c-150400.3.19.1
libsamba-policy-python3-devel-4.15.13+git.591.ab36624310c-150400.3.19.1
libsamba-policy0-python3-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-ad-dc-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-ceph-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-devel-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-dsdb-modules-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-gpupdate-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-ldb-ldap-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-python3-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-python3-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-tool-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-winbind-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-winbind-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
openSUSE Leap 15.4
ctdb-4.15.13+git.591.ab36624310c-150400.3.19.1
ctdb-pcp-pmda-4.15.13+git.591.ab36624310c-150400.3.19.1
libsamba-policy-devel-4.15.13+git.591.ab36624310c-150400.3.19.1
libsamba-policy-python3-devel-4.15.13+git.591.ab36624310c-150400.3.19.1
libsamba-policy0-python3-4.15.13+git.591.ab36624310c-150400.3.19.1
libsamba-policy0-python3-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-ad-dc-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-ad-dc-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-ad-dc-libs-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-ceph-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-client-libs-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-devel-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-devel-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-doc-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-dsdb-modules-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-gpupdate-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-ldb-ldap-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-python3-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-libs-python3-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-python3-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-test-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-tool-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-winbind-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-winbind-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
samba-winbind-libs-32bit-4.15.13+git.591.ab36624310c-150400.3.19.1
openSUSE Leap Micro 5.3
samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

Description

A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met.


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password can exploit this flaw to obtain and use tickets to other services.


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

A flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify request, usually resulting in a segmentation fault.


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

Windows Kerberos Elevation of Privilege Vulnerability


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

Netlogon RPC Elevation of Privilege Vulnerability


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References

Description

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."


Affected products
Image SLES15-SP4-Azure-Basic:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Basic:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-client-libs-4.15.13+git.591.ab36624310c-150400.3.19.1
Image SLES15-SP4-Azure-Standard:samba-libs-4.15.13+git.591.ab36624310c-150400.3.19.1

References
Vulnerability SUSE-SU-2023:0160-1