Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 623
Alerts This Week
Warning Icon 1 623

Ubuntu 22.04: USN-5998-2 Major Samba Security Vulnerabilities

ubuntu
Calendar Grey November 11, 2021
Dist Ubuntu Esm H88
Significant vulnerabilities in Samba for Ubuntu have been highlighted in advisory USN-5142-1. It's essential to update immediately to reduce security threats.
Several security issues were fixed in Samba.

Summary

Several security issues were fixed in Samba.

Software Description:

- samba: SMB/CIFS file, print, and login server for Unix

Details:

Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client

connections. A remote attacker could possibly use this issue to downgrade

connections to plaintext authentication. (CVE-2016-2124)

Andrew Bartlett discovered that Samba incorrectly mapping domain users to

local users. An authenticated attacker could possibly use this issue to

become root on domain members. (CVE-2020-25717)

Andrew Bartlett discovered that Samba did not correctly sandbox Kerberos

tickets issues by an RODC. An RODC could print administrator tickets,

contrary to expectations. (CVE-2020-25718)

Andrew Bartlett discovered that Samba incorrectly handled Kerberos tickets.

Delegated administrators could possibly use this issue to impersonate

accounts, leading to total domain compromise. (CVE-2020-25719)

Andrew Bartlett discovered that Samba di...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
  samba                           2:4.13.14+dfsg-0ubuntu0.21.10.1

Ubuntu 21.04:
  samba                           2:4.13.14+dfsg-0ubuntu0.21.04.1

Ubuntu 20.04 LTS:
  samba                           2:4.13.14+dfsg-0ubuntu0.20.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References

https://ubuntu.com/security/notices/USN-5142-1

CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719,

CVE-2020-25721, CVE-2020-25722, CVE-2021-23192, CVE-2021-3671,

CVE-2021-3738

Severity
critical
Lowest
Low
Medium
High
Critical

November 11, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.