Red Hat Enterprise Linux 8.4 update for samba



Published: 2022-01-04 | Updated: 2022-03-22
Risk High
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2020-25717
CVE-2021-23192
CVE-2016-2124
CWE-ID CWE-264
CWE-20
CWE-284
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
samba (Red Hat package)
Operating systems & Components / Operating system package or component

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions
Operating systems & Components / Operating system package or component

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions
Operating systems & Components / Operating system package or component

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support
Operating systems & Components / Operating system

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support
Operating systems & Components / Operating system

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support
Operating systems & Components / Operating system

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support
Operating systems & Components / Operating system

Red Hat Enterprise Linux Server - TUS
Operating systems & Components / Operating system

Red Hat Enterprise Linux for Power, little endian - Extended Update Support
Operating systems & Components / Operating system

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support
Operating systems & Components / Operating system

Red Hat Enterprise Linux Server - AUS
Operating systems & Components / Operating system

Red Hat Enterprise Linux for x86_64 - Extended Update Support
Operating systems & Components / Operating system

Red Hat Enterprise Linux for ARM 64 - Extended Update Support
Operating systems & Components / Operating system

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU58097

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-25717

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the Windows Active Directory (AD) domains have by default a feature to allow users to create computer accounts. A remote authenticated attacker can create such account with elevated privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

samba (Red Hat package): 4.13.3-5.el8_4

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support: 8.4

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 8.4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4

Red Hat Enterprise Linux Server - TUS: 8.4

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 8.4

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support: 8.4

Red Hat Enterprise Linux Server - AUS: 8.4

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 8.4

Red Hat Enterprise Linux for ARM 64 - Extended Update Support: 8.4


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:0008

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Input validation error

EUVDB-ID: #VU58091

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-23192

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the DCE/RPC fragment injection issue. A remote attacker can replace subsequent fragments in requests with their own data and alter the server behavior.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

samba (Red Hat package): 4.13.3-5.el8_4

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support: 8.4

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 8.4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4

Red Hat Enterprise Linux Server - TUS: 8.4

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 8.4

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support: 8.4

Red Hat Enterprise Linux Server - AUS: 8.4

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 8.4

Red Hat Enterprise Linux for ARM 64 - Extended Update Support: 8.4


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:0008

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper access control

EUVDB-ID: #VU58098

Risk: High

CVSSv3.1:

CVE-ID: CVE-2016-2124

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to SMB1 client connections can be downgraded to plaintext authentication. A remote attacker can perform a man-in-the-middle attack and downgrade a negotiated SMB1 client connection and its capabitilities.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

samba (Red Hat package): 4.13.3-5.el8_4

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support: 8.4

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support: 8.4

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 8.4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 8.4

Red Hat Enterprise Linux Server - TUS: 8.4

Red Hat Enterprise Linux for Power, little endian - Extended Update Support: 8.4

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support: 8.4

Red Hat Enterprise Linux Server - AUS: 8.4

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 8.4

Red Hat Enterprise Linux for ARM 64 - Extended Update Support: 8.4


CPE2.3 External links

http://access.redhat.com/errata/RHSA-2022:0008

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###