#VU81867 Resource management error in Samba - CVE-2023-42670


Vulnerability identifier: #VU81867

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-42670

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Samba
Server applications / Directory software, identity management

Vendor: Samba

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when Samba RPC server is under load, which can lead to incorrect start of servers not built for the AD DC. A remote user can cause a high load to Samba RPC server and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Samba: 4.16.0 - 4.19.0

External links
https://www.samba.org/samba/security/CVE-2023-42670.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


SolarWinds Security Event Manager (SEM) update for third-party components
Gentoo update for Samba
Multiple vulnerabilities in QNAP QTS and QuTS hero
openEuler 22.03 LTS SP2 update for samba
openEuler 22.03 LTS SP1 update for samba
VMware Tanzu products update for Samba
Anolis OS update for samba
Ubuntu update for samba
Debian update for samba
Ubuntu update for samba