USN-7582-1 introduced a regression in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
USN-7582-1 fixed vulnerabilities in Samba. The update introduced a
regression. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Evgeny Legerov discovered that Samba incorrectly handled buffers in
certain GSSAPI routines of Heimdal. A remote attacker could possibly use
this issue to cause Samba to crash, resulting in a denial of service.
(CVE-2022-3437)
Greg Hudson discovered that Samba incorrectly handled PAC parsing. On
32-bit systems, a remote attacker could use this issue to escalate
privileges, or possibly execute arbitrary code. (CVE-2022-42898)
Joseph Sutton discovered that Samba could be forced to issue rc4-hmac
encrypted Kerberos tickets. A remote attacker could possibly use this
issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS
a...
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm2
Available with Ubuntu Pro
Ubuntu 16.04 LTS
samba 2:4.3.11+dfsg-0ubuntu0.16.04.34+esm3
Available with Ubuntu Pro
Ubuntu 14.04 LTS
samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm14
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7582-2
https://ubuntu.com/security/notices/USN-7582-1
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2115450
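To confirm that a host has reached the fixed package version listed above, the installed version has to be compared using Debian version ordering, not string ordering (as plain strings, "+esm9" sorts after "+esm14"). The following is an added example, not part of the original advisory: a self-contained Python implementation of that ordering, where the function names and the release keys of the FIXED table are assumptions and the version strings are copied from the list above.

```python
import re

# Fixed samba versions, copied from the advisory text above.
FIXED = {
    "18.04": "2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm2",
    "16.04": "2:4.3.11+dfsg-0ubuntu0.16.04.34+esm3",
    "14.04": "2:4.3.11+dfsg-0ubuntu0.14.04.20+esm14",
}

def _order(c):
    # In a non-digit run '~' sorts before end of run (0), then letters, then the rest.
    if c == "~":
        return -1
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    # Compare alternating non-digit and digit runs, left to right.
    while a or b:
        na, nb = re.match(r"[^0-9]*", a).group(), re.match(r"[^0-9]*", b).group()
        width = max(len(na), len(nb))
        ka = [_order(c) for c in na] + [0] * (width - len(na))
        kb = [_order(c) for c in nb] + [0] * (width - len(nb))
        if ka != kb:
            return -1 if ka < kb else 1
        a, b = a[len(na):], b[len(nb):]
        da, db = re.match(r"[0-9]*", a).group(), re.match(r"[0-9]*", b).group()
        ia, ib = int(da or 0), int(db or 0)  # digit runs compare numerically
        if ia != ib:
            return -1 if ia < ib else 1
        a, b = a[len(da):], b[len(db):]
    return 0

def _split(version):
    # [epoch:]upstream[-revision]; missing epoch is 0, missing revision is "0".
    head, sep, rest = version.partition(":")
    epoch, rest = (int(head), rest) if sep else (0, version)
    upstream, sep, revision = rest.rpartition("-")
    return (epoch, upstream, revision) if sep else (epoch, rest, "0")

def compare(a, b):
    # Returns -1, 0 or 1 as version a is older than, equal to or newer than b.
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def is_patched(release, installed):
    # True if `installed` is at or above the fixed version for `release`.
    return compare(installed, FIXED[release]) >= 0
```

The installed version string to pass in is what `dpkg-query -W -f='${Version}' samba` prints on the host.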