Main Vulnerability Database SB2023032969

SB2023032969 - SUSE update for ldb, samba

Published: March 29, 2023

Security Bulletin ID SB2023032969

CSH Severity

Medium

Patch available

YES

Number of vulnerabilities 4

Exploitation vector Adjecent network

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 4 vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2022-32746)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error when handling LDAP requests. A remote user with ability to edit privileged properties, such as userAccountControl, can send a specially crafted LDAP request to the server, trigger a use-after-free error and perform a denial of service (DoS) attack.

2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-0225)

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote user to delete certain attributes.

The vulnerability exists due to improper access restrictions. A remote unprivileged user can delete the "dnsHostname" attribute.

3) Improper access control (CVE-ID: CVE-2023-0614)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote user to gain gain access to sensitive information.

The vulnerability exists due to insufficient patch for vulnerability #VU14335 (CVE-2018-10919). A remote user can bypass implemented security restrictions and gain access to sensitive information.

4) Cleartext transmission of sensitive information (CVE-ID: CVE-2023-0922)

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to samba-tool transmits credentials to the LDAP server in clear text. A remote attacker with ability to intercept network traffic can gain access to sensitive data.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2023/suse-su-20231689-1/

Vulnerable Software

SUSE Linux Enterprise Desktop 15: SP4
SUSE Linux Enterprise High Availability Extension 15: SP4
SUSE Linux Enterprise High Performance Computing 15: SP4
SUSE Linux Enterprise Real Time 15: SP4
SUSE Linux Enterprise Server 15: SP4
SUSE Linux Enterprise Server for SAP Applications 15: SP4
SUSE Manager Proxy: 4.3
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
openSUSE Leap Micro: 5.3
SUSE Linux Enterprise Micro: 5.3 - 5.4
SUSE Linux Enterprise Micro for Rancher: 5.3 - 5.4
Basesystem Module: 15-SP4
openSUSE Leap: 15.4
python3-ldb: before 2.4.4-150400.4.11.1
python3-ldb-32bit: before 2.4.4-150400.4.11.1
python3-ldb-32bit-debuginfo: before 2.4.4-150400.4.11.1
libldb-devel: before 2.4.4-150400.4.11.1
python3-ldb-debuginfo: before 2.4.4-150400.4.11.1
python3-ldb-devel: before 2.4.4-150400.4.11.1
libldb2-32bit: before 2.4.4-150400.4.11.1
libldb2: before 2.4.4-150400.4.11.1
ldb-tools: before 2.4.4-150400.4.11.1
ldb-debugsource: before 2.4.4-150400.4.11.1
libldb2-32bit-debuginfo: before 2.4.4-150400.4.11.1
ldb-tools-debuginfo: before 2.4.4-150400.4.11.1
libldb2-debuginfo: before 2.4.4-150400.4.11.1
samba-ad-dc-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ldb-ldap: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-devel-32bit: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
ctdb-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-libs-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
ctdb-pcp-pmda: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-client-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ad-dc-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
libsamba-policy-devel: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
libsamba-policy0-python3-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-client-32bit: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ad-dc-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
ctdb: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-client-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-winbind-libs-32bit: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-winbind-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-client-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-libs-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
libsamba-policy0-python3-32bit: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-libs-python3-32bit-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-libs-python3-32bit: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ceph: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ceph-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-doc: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
libsamba-policy0-python3-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-debugsource: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-client-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-client-libs: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ad-dc-libs: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-winbind-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-client-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ad-dc-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-devel: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
ctdb-pcp-pmda-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-tool: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-dsdb-modules-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-winbind-libs: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-test: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
libsamba-policy-python3-devel: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-client: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-winbind-libs-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-python3: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-gpupdate: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ad-dc: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-ldb-ldap-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-dsdb-modules: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
libsamba-policy0-python3: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-libs-python3: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-test-debuginfo: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-libs: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1
samba-winbind: before 4.15.13+git.636.53d93c5b9d6-150400.3.23.1

SB2023032969 - SUSE update for ldb, samba

Breakdown by Severity

Description

Remediation

References

Please verify you're human