drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Samba
| Name: |
Mehrere Probleme in Samba |
|
| ID: |
USN-7582-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS |
|
| Datum: |
Do, 19. Juni 2025, 22:28 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2022-42898
https://www.cve.org/CVERecord?id=CVE-2023-34966
https://www.cve.org/CVERecord?id=CVE-2022-45141
https://www.cve.org/CVERecord?id=CVE-2022-3437 |
|
| Applikationen: |
Samba |
|
Originalnachricht |
--=-=-=
Content-Type: text/plain
==========================================================================
Ubuntu Security Notice USN-7582-1
June 19, 2025
samba vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
Evgeny Legerov discovered that Samba incorrectly handled buffers in
certain GSSAPI routines of Heimdal. A remote attacker could possibly use
this issue to cause Samba to crash, resulting in a denial of service.
(CVE-2022-3437)
Greg Hudson discovered that Samba incorrectly handled PAC parsing. On
32-bit systems, a remote attacker could use this issue to escalate
privileges, or possibly execute arbitrary code. (CVE-2022-42898)
Joseph Sutton discovered that Samba could be forced to issue rc4-hmac
encrypted Kerberos tickets. A remote attacker could possibly use this issue
to escalate privileges. This issue only affected Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2022-45141)
Florent Saudel discovered that Samba incorrectly handled certain Spotlight
requests. A remote attacker could possibly use this issue to cause Samba to
consume resources, leading to a denial of service. (CVE-2023-34966)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.29+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
samba 2:4.3.11+dfsg-0ubuntu0.16.04.34+esm2
Available with Ubuntu Pro
Ubuntu 14.04 LTS
samba 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm13
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7582-1
CVE-2022-3437, CVE-2022-42898, CVE-2022-45141, CVE-2023-34966
--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAmhT8YAlHGdpYW1wYW9s
by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92WxnkeC/94nZk0
bKeETp2Di55luV74wSQsr0za/Jd5G+cCWftDDz37mjfsPUOf5dgNMpnZUx0FRxHU
fK/LhJp5GA4+UiJo+a2h/FG+roVdOLZQsPNqehu+nqWijx0gVPEbgUaX6eMelQnA
Hmw0my/cUVluhGMNQGpCWSSRPdRYWf9myv8+1FIzmazRJm61zQlD6FvGnO8Ss6FF
rH+GswSg53R7TJhNuJyEempEf3n+aaEOa+gBLYm6BnUiaZpWVz6pCNWgNT57HU6D
3ZLpmJvwtQnulU/Wxu/NZdr/e6k53kSh5aDHcqPKHShQ8msj0wiA5dxVhBfaEBhx
G3nx4Aemn26jGIFHUxAtHoEjTRWhFFV7cVHVu6stJpkAx0UHtIRAqoEU84Q60jg2
FjCa3oX3e2dFmpYoIn6nJ2cyag+0xOqfPPFPKH49lQ5JhrhB3TWmWnHKSYUjsYeI
YdqVnfo3pGk0tMid2uaJIpoFlFtT5WEj7C418XFCU2ZdUeIN06jWFlrIXuQ=
=VqWn
-----END PGP SIGNATURE-----
--=-=-=--
|
|
|
|
