All Vulnerability Reports

USN-5174-2: Samba regression


Severity

Unknown

Vendor

VMware Tanzu

Versions Affected

  • Canonical Ubuntu 18.04

Description

USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem. Original advisory details: Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124) Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717) Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722) Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2021-3671) The fix for CVE-2020-25717 results in possible behaviour changes that could affect certain environments. Please see the upstream advisory for more information: https://www.samba.org/samba/security/CVE-2020-25717.html

Affected VMware Products and Versions

Severity is unknown unless otherwise noted.

  • Isolation Segment
    • 2.7.x versions prior to 2.7.41
    • 2.10.x versions prior to 2.10.21
    • 2.11.x versions prior to 2.11.10
    • 2.12.x versions prior to 2.12.4
  • VMware Tanzu Application Service for VMs
    • 2.7.x versions prior to 2.7.46
    • 2.10.x versions prior to 2.10.26
    • 2.11.x versions prior to 2.11.14
    • 2.12.x versions prior to 2.12.7

Mitigation

Users of affected products are strongly encouraged to follow the mitigation below. On the Tanzu Network product page for each release, check the Depends On section and/or Release Notes for this information. Releases that have fixed this issue include:

  • Isolation Segment
    • 2.7.41
    • 2.10.21
    • 2.11.10
    • 2.12.4
  • VMware Tanzu Application Service for VMs
    • 2.7.46
    • 2.10.26
    • 2.11.14
    • 2.12.7

References

History

2022-03-17: Initial vulnerability report published.