SB2023012453 - SUSE update for samba 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023012453

SB2023012453 - SUSE update for samba

Published: January 24, 2023

Security Bulletin ID SB2023012453
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Medium 20% Low 40%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) NULL pointer dereference (CVE-ID: CVE-2020-14323)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when processing requests in winbind in Samba. A remote user can send specially crafted request to winbind daemon, trigger a NULL pointer dereference error and crash it.


2) Race condition (CVE-ID: CVE-2021-20251)

The vulnerability allows a remote attacker to perform a brute-force attack.

The vulnerability exists due to a race condition in Samba when incrementing bad password attempts. Each connection to Samba gets a separate process, and each process loads, increments, and saves the bad password count without any coordination. A remote attacker can perform a brute-force attack using multiple threats and bypass imposed limits on the number of allowed incorrect passwords.

3) Memory leak (CVE-ID: CVE-2022-32742)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due memory leak when handling SMB1 requests. A remote user with ability to write data to a file share can force the application to leak memory and gain access to potentially sensitive information.


4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-37966)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions in Windows Kerberos RC4-HMAC. A remote attacker can conduct a man-in-middle (MiTM) attack, which leads to security restrictions bypass and privilege escalation.


5) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-38023)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to security features bypass in Netlogon RPC. A remote attacker can bypass the Netlogon cryptography feature for signing and sealing traffic during Netlogon authentication.


Remediation

Install update from vendor's website.

References