SUSE: 2022:2582-1 important: samba | LinuxSecurity.com

Advisories

What Are You Looking For?

Popular Tags

Contribute

Advisories This Week: 235


   SUSE Security Update: Security update for samba
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:2582-1
Rating:             important
References:         #1198255 #1199247 #1199734 #1200556 #1200964 
                    #1201490 #1201492 #1201493 #1201495 #1201496 
                    
Cross-References:   CVE-2022-2031 CVE-2022-32742 CVE-2022-32744
                    CVE-2022-32745 CVE-2022-32746
CVSS scores:
                    CVE-2022-32744 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-32745 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
                    CVE-2022-32746 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected Products:
                    SUSE Linux Enterprise High Availability 12-SP5
                    SUSE Linux Enterprise High Performance Computing 12-SP5
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP Applications 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

   An update that solves 5 vulnerabilities and has 5 fixes is
   now available.

Description:

   This update for samba fixes the following issues:

   - CVE-2022-32746: Fixed a use-after-free occurring in database audit
     logging (bsc#1201490).
   - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify
     request (bsc#1201492).
   - CVE-2022-2031: Fixed AD restrictions bypass associated with changing
     passwords (bsc#1201495).
   - CVE-2022-32742: Fixed a memory leak in SMB1 (bsc#1201496).
   - CVE-2022-32744: Fixed an arbitrary password change request for any AD
     user (bsc#1201493).

   The following non-security bugs were fixed:

   - netgroups support removed; (bso#15087); (bsc#1199247).
   - net ads info shows LDAP Server: 0.0.0.0 depending on contacted server;
     (bso#14674); (bsc#1199734).
   - smbclient commands del and deltree fail with
     NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556).
   - move pdb backends from package samba-libs to package samba-client-libs
     and remove samba-libs requirement from samba-winbind; (bsc#1200964);
     (bsc#1198255);


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-2582=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2582=1

   - SUSE Linux Enterprise High Availability 12-SP5:

      zypper in -t patch SUSE-SLE-HA-12-SP5-2022-2582=1



Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

      libsamba-policy-devel-4.15.8+git.462.e73f4310487-3.68.1
      libsamba-policy-python3-devel-4.15.8+git.462.e73f4310487-3.68.1
      samba-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-debugsource-4.15.8+git.462.e73f4310487-3.68.1
      samba-devel-4.15.8+git.462.e73f4310487-3.68.1

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (s390x x86_64):

      samba-devel-32bit-4.15.8+git.462.e73f4310487-3.68.1

   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

      libsamba-policy0-python3-4.15.8+git.462.e73f4310487-3.68.1
      libsamba-policy0-python3-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-4.15.8+git.462.e73f4310487-3.68.1
      samba-client-4.15.8+git.462.e73f4310487-3.68.1
      samba-client-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-client-libs-4.15.8+git.462.e73f4310487-3.68.1
      samba-client-libs-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-debugsource-4.15.8+git.462.e73f4310487-3.68.1
      samba-ldb-ldap-4.15.8+git.462.e73f4310487-3.68.1
      samba-ldb-ldap-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-libs-4.15.8+git.462.e73f4310487-3.68.1
      samba-libs-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-libs-python3-4.15.8+git.462.e73f4310487-3.68.1
      samba-libs-python3-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-python3-4.15.8+git.462.e73f4310487-3.68.1
      samba-python3-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-tool-4.15.8+git.462.e73f4310487-3.68.1
      samba-winbind-4.15.8+git.462.e73f4310487-3.68.1
      samba-winbind-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-winbind-libs-4.15.8+git.462.e73f4310487-3.68.1
      samba-winbind-libs-debuginfo-4.15.8+git.462.e73f4310487-3.68.1

   - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):

      libsamba-policy0-python3-32bit-4.15.8+git.462.e73f4310487-3.68.1
      libsamba-policy0-python3-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-client-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-client-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-client-libs-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-client-libs-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-libs-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-libs-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-libs-python3-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-libs-python3-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-winbind-libs-32bit-4.15.8+git.462.e73f4310487-3.68.1
      samba-winbind-libs-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1

   - SUSE Linux Enterprise Server 12-SP5 (aarch64):

      samba-devel-4.15.8+git.462.e73f4310487-3.68.1

   - SUSE Linux Enterprise Server 12-SP5 (ppc64le):

      libsamba-policy-python3-devel-4.15.8+git.462.e73f4310487-3.68.1

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      samba-doc-4.15.8+git.462.e73f4310487-3.68.1

   - SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):

      ctdb-4.15.8+git.462.e73f4310487-3.68.1
      ctdb-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-debuginfo-4.15.8+git.462.e73f4310487-3.68.1
      samba-debugsource-4.15.8+git.462.e73f4310487-3.68.1


References:

   https://www.suse.com/security/cve/CVE-2022-2031.html
   https://www.suse.com/security/cve/CVE-2022-32742.html
   https://www.suse.com/security/cve/CVE-2022-32744.html
   https://www.suse.com/security/cve/CVE-2022-32745.html
   https://www.suse.com/security/cve/CVE-2022-32746.html
   https://bugzilla.suse.com/1198255
   https://bugzilla.suse.com/1199247
   https://bugzilla.suse.com/1199734
   https://bugzilla.suse.com/1200556
   https://bugzilla.suse.com/1200964
   https://bugzilla.suse.com/1201490
   https://bugzilla.suse.com/1201492
   https://bugzilla.suse.com/1201493
   https://bugzilla.suse.com/1201495
   https://bugzilla.suse.com/1201496

SUSE: 2022:2582-1 important: samba

July 29, 2022
An update that solves 5 vulnerabilities and has 5 fixes is now available

Summary

This update for samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging (bsc#1201490). - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request (bsc#1201492). - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords (bsc#1201495). - CVE-2022-32742: Fixed a memory leak in SMB1 (bsc#1201496). - CVE-2022-32744: Fixed an arbitrary password change request for any AD user (bsc#1201493). The following non-security bugs were fixed: - netgroups support removed; (bso#15087); (bsc#1199247). - net ads info shows LDAP Server: 0.0.0.0 depending on contacted server; (bso#14674); (bsc#1199734). - smbclient commands del and deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100); (bsc#1200556). - move pdb backends from package samba-libs to package samba-client-libs and remove samba-libs requirement from samba-winbind; (bsc#1200964); (bsc#1198255); Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-2582=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2582=1 - SUSE Linux Enterprise High Availability 12-SP5: zypper in -t patch SUSE-SLE-HA-12-SP5-2022-2582=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): libsamba-policy-devel-4.15.8+git.462.e73f4310487-3.68.1 libsamba-policy-python3-devel-4.15.8+git.462.e73f4310487-3.68.1 samba-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-debugsource-4.15.8+git.462.e73f4310487-3.68.1 samba-devel-4.15.8+git.462.e73f4310487-3.68.1 - SUSE Linux Enterprise Software Development Kit 12-SP5 (s390x x86_64): samba-devel-32bit-4.15.8+git.462.e73f4310487-3.68.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libsamba-policy0-python3-4.15.8+git.462.e73f4310487-3.68.1 libsamba-policy0-python3-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-4.15.8+git.462.e73f4310487-3.68.1 samba-client-4.15.8+git.462.e73f4310487-3.68.1 samba-client-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-client-libs-4.15.8+git.462.e73f4310487-3.68.1 samba-client-libs-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-debugsource-4.15.8+git.462.e73f4310487-3.68.1 samba-ldb-ldap-4.15.8+git.462.e73f4310487-3.68.1 samba-ldb-ldap-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-libs-4.15.8+git.462.e73f4310487-3.68.1 samba-libs-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-libs-python3-4.15.8+git.462.e73f4310487-3.68.1 samba-libs-python3-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-python3-4.15.8+git.462.e73f4310487-3.68.1 samba-python3-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-tool-4.15.8+git.462.e73f4310487-3.68.1 samba-winbind-4.15.8+git.462.e73f4310487-3.68.1 samba-winbind-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-winbind-libs-4.15.8+git.462.e73f4310487-3.68.1 samba-winbind-libs-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libsamba-policy0-python3-32bit-4.15.8+git.462.e73f4310487-3.68.1 libsamba-policy0-python3-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-client-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-client-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-client-libs-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-client-libs-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-libs-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-libs-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-libs-python3-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-libs-python3-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-winbind-libs-32bit-4.15.8+git.462.e73f4310487-3.68.1 samba-winbind-libs-debuginfo-32bit-4.15.8+git.462.e73f4310487-3.68.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64): samba-devel-4.15.8+git.462.e73f4310487-3.68.1 - SUSE Linux Enterprise Server 12-SP5 (ppc64le): libsamba-policy-python3-devel-4.15.8+git.462.e73f4310487-3.68.1 - SUSE Linux Enterprise Server 12-SP5 (noarch): samba-doc-4.15.8+git.462.e73f4310487-3.68.1 - SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64): ctdb-4.15.8+git.462.e73f4310487-3.68.1 ctdb-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-debuginfo-4.15.8+git.462.e73f4310487-3.68.1 samba-debugsource-4.15.8+git.462.e73f4310487-3.68.1

References

#1198255 #1199247 #1199734 #1200556 #1200964

#1201490 #1201492 #1201493 #1201495 #1201496

Cross- CVE-2022-2031 CVE-2022-32742 CVE-2022-32744

CVE-2022-32745 CVE-2022-32746

CVSS scores:

CVE-2022-32744 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-32745 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

CVE-2022-32746 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected Products:

SUSE Linux Enterprise High Availability 12-SP5

SUSE Linux Enterprise High Performance Computing 12-SP5

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server for SAP Applications 12-SP5

SUSE Linux Enterprise Software Development Kit 12-SP5

https://www.suse.com/security/cve/CVE-2022-2031.html

https://www.suse.com/security/cve/CVE-2022-32742.html

https://www.suse.com/security/cve/CVE-2022-32744.html

https://www.suse.com/security/cve/CVE-2022-32745.html

https://www.suse.com/security/cve/CVE-2022-32746.html

https://bugzilla.suse.com/1198255

https://bugzilla.suse.com/1199247

https://bugzilla.suse.com/1199734

https://bugzilla.suse.com/1200556

https://bugzilla.suse.com/1200964

https://bugzilla.suse.com/1201490

https://bugzilla.suse.com/1201492

https://bugzilla.suse.com/1201493

https://bugzilla.suse.com/1201495

https://bugzilla.suse.com/1201496

Severity
Announcement ID: SUSE-SU-2022:2582-1
Rating: important

News

Advisories

HOWTOs

Features

Open Source OSINT Tools and Techniques
The Story Behind the Linux Security Quick Reference Guide
Benefits & Drawbacks of Using a VPN on Linux
How a WAF Could Improve the Security of Your Linux Web Applications
Installing SurfShark VPN On Kali Linux: The Authoritative Guide

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy