
Fedora 39: 2023-8c9251e479 Critical: Samba DoS and Security Fixes

November 3, 2023
The update to Samba 4.19.2 addresses several security vulnerabilities in Fedora 39. Apply it to keep systems protected and in line with compliance standards.

Summary

Samba is the standard Windows interoperability suite of programs for Linux and Unix.

Update Information:

Update to version 4.19.2

----

Update to version 4.19.1

- Security fixes for CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669 and CVE-2023-42670

Change Log

* Mon Oct 16 2023 Guenther Deschner - 4.19.2-1
- resolves: #2244496 - Update to version 4.19.2

* Tue Oct 10 2023 Guenther Deschner - 4.19.1-1
- resolves: #2243073 - Update to version 4.19.1
- resolves: #2241881, #2243228: Security fix for CVE-2023-3961
- resolves: #2241882, #2243231: Security fix for CVE-2023-4091
- resolves: #2241883, #2243230: Security fix for CVE-2023-4154
- resolves: #2241884, #2243229: Security fix for CVE-2023-42669
- resolves: #2241885, #2243232: Security fix for CVE-2023-42670

References


[ 1 ] Bug #2241881 - CVE-2023-3961 samba: smbd allows client access to unix domain sockets on the file system as root
      https://bugzilla.redhat.com/show_bug.cgi?id=2241881
[ 2 ] Bug #2241882 - CVE-2023-4091 samba: SMB clients can truncate files with read-only permissions
      https://bugzilla.redhat.com/show_bug.cgi?id=2241882
[ 3 ] Bug #2241883 - CVE-2023-4154 samba: AD DC password exposure to privileged users and RODCs
      https://bugzilla.redhat.com/show_bug.cgi?id=2241883
[ 4 ] Bug #2241884 - CVE-2023-42669 samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
      https://bugzilla.redhat.com/show_bug.cgi?id=2241884
[ 5 ] Bug #2241885 - CVE-2023-42670 samba: AD DC Busy RPC multiple listener DoS
      https://bugzilla.redhat.com/show_bug.cgi?id=2241885

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-8c9251e479' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical

Name: samba
Product: Fedora 39
Version: 4.19.2
Release: 1.fc39
URL:
Summary: Server and Client software to interoperate with Windows machines
