CVE-2021-23192 — Improper Input Validation in Samba

CWE-20 — Improper Input Validation CWE-667 — Improper Locking14 documents8 sources

Severity

7.5HIGHNVD

OSV5.9

EPSS

0.1%

top 71.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba Debian Samba Msrc Azl3 Samba 4.18.3-1 ON Azure Linux 3.0 +2 more

Timeline

PublishedMar 2

Latest updateJun 19

Description

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages8 packages

▶NVDsamba/samba4.10.0 — 4.13.14+2

▶debiandebian/samba< samba 2:4.13.14+dfsg-1 (bookworm)

▶Debiansamba/samba< 2:4.13.13+dfsg-1~deb11u2+3

▶Ubuntusamba/samba< 2:4.13.14+dfsg-0ubuntu0.20.04.4+2

▶CVEListV5samba/sambaAffects samba v4.10.0 to 4.15.1, Fixed in samba v4.15.2, v4.14.10 and v4.13.14.

Patches

Patch: www.samba.org ↗Patch: www.samba.org ↗

🔴Vulnerability Details

GHSA

GHSA-vffc-r23p-p6rq: A flaw was found in the way samba implemented DCE/RPC↗2022-03-04

▶

OSV

CVE-2021-23192: A flaw was found in the way samba implemented DCE/RPC↗2022-03-02

▶

OSV

samba regression↗2021-12-13

▶

OSV

samba regressions↗2021-12-06

▶

OSV

samba vulnerabilities↗2021-11-11

▶

📋Vendor Advisories

Red Hat

kernel: USB: core: Make do_proc_control() and do_proc_bulk() killable↗2024-06-19

▶

Microsoft

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request and chose to fragment it an attacker could replace later fragments with their own↗2022-03-08

▶

Ubuntu

Samba regression↗2021-12-13

▶

Ubuntu

Samba regressions↗2021-12-06

▶

Ubuntu

Samba vulnerabilities↗2021-11-11

▶