ArchLinux: 201712-1: samba: multiple issues
Summary
- CVE-2017-14746 (arbitrary code execution)
A use-after-free flaw was found in the way samba servers handled
certain SMB1 requests. An unauthenticated attacker could send
specially-crafted SMB1 requests to cause the server to crash or execute
arbitrary code.
- CVE-2017-15275 (information disclosure)
A memory disclosure flaw was found in samba. An attacker could retrieve
parts of server memory, which could contain potentially sensitive data,
by sending specially-crafted requests to the samba server.
Resolution
Upgrade to 4.7.3-1.
# pacman -Syu "samba>=4.7.3-1"
The problems have been fixed upstream in version 4.7.3.
References
https://www.samba.org/samba/security/CVE-2017-14746.html https://www.samba.org/samba/security/CVE-2017-15275.html https://security.archlinux.org/CVE-2017-14746 https://security.archlinux.org/CVE-2017-15275
![Dist Arch](/images/distros/dist-arch.png)
Workaround
It is possible to work around CVE-2017-14746 by disabling the SMB1protocol in the [global] section in smb.conf:server min protocol = SMB2