SUSE update for samba



Published: 2024-02-27
Risk Medium
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2022-2127
CVE-2023-34966
CVE-2023-34967
CVE-2023-34968
CWE-ID CWE-125
CWE-835
CWE-843
CWE-200
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		openSUSE Leap Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro for Rancher
Operating systems & Components / Operating system

SUSE Linux Enterprise High Availability Extension 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15
Operating systems & Components / Operating system

Basesystem Module
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

libsamba-policy0-python3-64bit
Operating systems & Components / Operating system package or component

samba-client-libs-64bit-debuginfo
Operating systems & Components / Operating system package or component

samba-libs-python3-64bit-debuginfo
Operating systems & Components / Operating system package or component

samba-client-64bit
Operating systems & Components / Operating system package or component

samba-ad-dc-libs-64bit-debuginfo
Operating systems & Components / Operating system package or component

samba-libs-64bit
Operating systems & Components / Operating system package or component

samba-client-libs-64bit
Operating systems & Components / Operating system package or component

samba-devel-64bit
Operating systems & Components / Operating system package or component

samba-winbind-libs-64bit
Operating systems & Components / Operating system package or component

samba-libs-python3-64bit
Operating systems & Components / Operating system package or component

samba-libs-64bit-debuginfo
Operating systems & Components / Operating system package or component

samba-client-64bit-debuginfo
Operating systems & Components / Operating system package or component

libsamba-policy0-python3-64bit-debuginfo
Operating systems & Components / Operating system package or component

samba-ad-dc-libs-64bit
Operating systems & Components / Operating system package or component

samba-winbind-libs-64bit-debuginfo
Operating systems & Components / Operating system package or component

samba-ceph
Operating systems & Components / Operating system package or component

samba-ceph-debuginfo
Operating systems & Components / Operating system package or component

samba-doc
Operating systems & Components / Operating system package or component

samba-ad-dc-libs-32bit-debuginfo
Operating systems & Components / Operating system package or component

samba-devel-32bit
Operating systems & Components / Operating system package or component

libsamba-policy0-python3-32bit-debuginfo
Operating systems & Components / Operating system package or component

samba-libs-python3-32bit-debuginfo
Operating systems & Components / Operating system package or component

samba-client-32bit-debuginfo
Operating systems & Components / Operating system package or component

samba-libs-32bit-debuginfo
Operating systems & Components / Operating system package or component

samba-client-32bit
Operating systems & Components / Operating system package or component

samba-winbind-libs-32bit
Operating systems & Components / Operating system package or component

samba-client-libs-32bit
Operating systems & Components / Operating system package or component

samba-client-libs-32bit-debuginfo
Operating systems & Components / Operating system package or component

samba-ad-dc-libs-32bit
Operating systems & Components / Operating system package or component

samba-winbind-libs-32bit-debuginfo
Operating systems & Components / Operating system package or component

samba-libs-python3-32bit
Operating systems & Components / Operating system package or component

samba-libs-32bit
Operating systems & Components / Operating system package or component

libsamba-policy0-python3-32bit
Operating systems & Components / Operating system package or component

samba-python3
Operating systems & Components / Operating system package or component

samba-test
Operating systems & Components / Operating system package or component

samba-libs-python3-debuginfo
Operating systems & Components / Operating system package or component

samba-client-debuginfo
Operating systems & Components / Operating system package or component

samba-libs-python3
Operating systems & Components / Operating system package or component

libsamba-policy0-python3-debuginfo
Operating systems & Components / Operating system package or component

samba-libs-debuginfo
Operating systems & Components / Operating system package or component

libsamba-policy0-python3
Operating systems & Components / Operating system package or component

samba-tool
Operating systems & Components / Operating system package or component

samba-winbind-debuginfo
Operating systems & Components / Operating system package or component

ctdb-pcp-pmda
Operating systems & Components / Operating system package or component

samba
Operating systems & Components / Operating system package or component

samba-ad-dc-libs
Operating systems & Components / Operating system package or component

samba-ad-dc
Operating systems & Components / Operating system package or component

samba-winbind-libs-debuginfo
Operating systems & Components / Operating system package or component

samba-ldb-ldap-debuginfo
Operating systems & Components / Operating system package or component

samba-debuginfo
Operating systems & Components / Operating system package or component

samba-test-debuginfo
Operating systems & Components / Operating system package or component

samba-libs
Operating systems & Components / Operating system package or component

samba-ldb-ldap
Operating systems & Components / Operating system package or component

samba-debugsource
Operating systems & Components / Operating system package or component

samba-ad-dc-libs-debuginfo
Operating systems & Components / Operating system package or component

samba-client-libs
Operating systems & Components / Operating system package or component

samba-winbind-libs
Operating systems & Components / Operating system package or component

samba-python3-debuginfo
Operating systems & Components / Operating system package or component

ctdb-debuginfo
Operating systems & Components / Operating system package or component

samba-gpupdate
Operating systems & Components / Operating system package or component

samba-client-libs-debuginfo
Operating systems & Components / Operating system package or component

libsamba-policy-devel
Operating systems & Components / Operating system package or component

samba-dsdb-modules
Operating systems & Components / Operating system package or component

ctdb
Operating systems & Components / Operating system package or component

samba-winbind
Operating systems & Components / Operating system package or component

samba-client
Operating systems & Components / Operating system package or component

libsamba-policy-python3-devel
Operating systems & Components / Operating system package or component

samba-dsdb-modules-debuginfo
Operating systems & Components / Operating system package or component

ctdb-pcp-pmda-debuginfo
Operating systems & Components / Operating system package or component

samba-ad-dc-debuginfo
Operating systems & Components / Operating system package or component

samba-devel
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU78577

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2127

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information or perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in winbindd_pam_auth_crap.c in winbind AUTH_CRAP when performing NTLM authentication. A remote attacker can trigger an out-of-bounds read error and gain access to sensitive information or crash the server.

Mitigation

Update the affected package samba to the latest version.

Vulnerable software versions

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Linux Enterprise Desktop 15: SP4

Basesystem Module: 15-SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

libsamba-policy0-python3-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ceph: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ceph-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-doc: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-test: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-tool: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-pcp-pmda: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ldb-ldap-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-test-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ldb-ldap: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-debugsource: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-gpupdate: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-dsdb-modules: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy-python3-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-dsdb-modules-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-pcp-pmda-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20232930-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Infinite loop

EUVDB-ID: #VU78574

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34966

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when parsing Spotlight mdssvc RPC packets. A remote attacker can consume all available system resources and cause denial of service conditions on servers where Spotlight is explicitly enabled globally or on individual shares with "spotlight = yes".

Mitigation

Update the affected package samba to the latest version.

Vulnerable software versions

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Linux Enterprise Desktop 15: SP4

Basesystem Module: 15-SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

libsamba-policy0-python3-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ceph: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ceph-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-doc: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-test: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-tool: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-pcp-pmda: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ldb-ldap-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-test-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ldb-ldap: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-debugsource: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-gpupdate: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-dsdb-modules: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy-python3-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-dsdb-modules-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-pcp-pmda-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20232930-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Type Confusion

EUVDB-ID: #VU78575

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34967

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a type confusion error when parsing Spotlight mdssvc RPC packets. A remote attacker can send specially crafted data to the server, trigger a type confusion error and crash the server.

Mitigation

Update the affected package samba to the latest version.

Vulnerable software versions

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Linux Enterprise Desktop 15: SP4

Basesystem Module: 15-SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

libsamba-policy0-python3-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ceph: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ceph-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-doc: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-test: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-tool: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-pcp-pmda: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ldb-ldap-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-test-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ldb-ldap: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-debugsource: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-gpupdate: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-dsdb-modules: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy-python3-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-dsdb-modules-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-pcp-pmda-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20232930-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU78576

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-34968

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker can send a specially crafted RPC request to the server and obtain real server-side share path.

Mitigation

Update the affected package samba to the latest version.

Vulnerable software versions

openSUSE Leap Micro: 5.3 - 5.4

SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4

SUSE Linux Enterprise High Availability Extension 15: SP4

SUSE Linux Enterprise Micro: 5.3 - 5.4

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Linux Enterprise Desktop 15: SP4

Basesystem Module: 15-SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

libsamba-policy0-python3-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-64bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-64bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ceph: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ceph-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-doc: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-32bit: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-test: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy0-python3: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-tool: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-pcp-pmda: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ldb-ldap-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-test-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ldb-ldap: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-debugsource: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind-libs: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-python3-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-gpupdate: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client-libs-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-dsdb-modules: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-winbind: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-client: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

libsamba-policy-python3-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-dsdb-modules-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

ctdb-pcp-pmda-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-ad-dc-debuginfo: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

samba-devel: before 4.15.13+git.663.9c654e06cdb-150400.3.28.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2023/suse-su-20232930-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###