Ubuntu 23.04: USN-6425-1 Critical Samba Remote Access Threats

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.04 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Samba. Software Description: - samba: SMB/CIFS file, print, and login server for Unix Details: Sri Nagasubramanian discovered that the Samba acl_xattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to truncate read-only files. (CVE-2023-4091) Andrew Bartlett discovered that Samba incorrectly handled the DirSync control. A remote attacker with an RODC DC account could possibly use this issue to obtain all domain secrets. (CVE-2023-4154) Andrew Bartlett discovered that Samba incorrectly handled the rpcecho development server. A remote attacker could possibly use this issue to cause Samba to stop responding, resulting in a denial of service. (CVE-2023-42669) Kirin van der Veer discov...