Ubuntu Security Alert: CVE-2023-3961 High Risk Samba Privilege Escalation
Fellow Linux admins-
Linux admins have used Samba for decades to share files with their Windows desktops, including in enterprises where Active Directory is in place. First developed by Andrew Tridgell (known as Tridge to his friends) in 1991, samba addressed a significant need for sharing resources in mixed-OS environments. However, a privilege escalation attack has the potential for widespread impact because it affects a core network and resource management component. Let's discuss how you can mitigate the latest high-severity attack in how Samba manages access controls for newly created objects within Active Directory.
Reported as CVE-2023-3961, this vuln affects only Samba installations configured as AD Domain Controllers. It's fascinating how admins with object creation permissions can allow attackers to modify sensitive attributes of AD objects and escalate their privileges. This can lead to severe actions like adding/removing users, changing policies, or even shutting down the network. Read on to learn how to mitigate these issues and protect your users.
You'll also learn about a significant denial of service (DoS) issue recently patched by Intel that could result in downtime, service disruptions, and revenue or credibility losses for your organization.
If you found value in today’s newsletter, please share it with your friends! Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our love for Linux and security!
Stay safe out there,

SambaThe DiscoveryA critical vulnerability in the Samba Active Directory (AD) (CVE-2023-3961) was recently found, allowing attackers to gain elevated privileges and seize control of entire domains. |
Intel MicrocodeThe DiscoveryIntel recently patched a significant denial of service (DoS) issue that could impact specific 4th and 5th Generation Xeon Scalable processors. If exploited, these faulty finite state machines (FSMs) within hardware logic could allow malicious actors to cause denial of service conditions that disrupt regular system operation. |


