Resource management error in Samba

#VU66202 Resource management error in Samba

Published: 2022-08-09

Vulnerability identifier: #VU66202

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3670

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Samba
Server applications / Directory software, identity management

Vendor: Samba

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to Samba AD DC LDAP does not honor the MaxQueryDuration option when handling LDAP requests. A remote user can execute heavy queries and perform a denial of service (DoS) attack.

Mitigation
Vendor does not consider this a security vulnerability and recommends to follow general hardening rules to avoid similar attack vectors.

Vulnerable software versions

Samba: 4.14.3

External links
http://bugzilla.samba.org/show_bug.cgi?id=14694
http://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for Samba

Ubuntu update for samba

SUSE update for ldb, samba

openEuler update for samba

SUSE update for ldb