Ubuntu Security Notice 5174-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
25c5c900f4302b24fc3b0236ad0320fa6c9153a96b6a27157cc077591a889f60
==========================================================================
Ubuntu Security Notice USN-5174-1
December 06, 2021
samba vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client
connections. A remote attacker could possibly use this issue to downgrade
connections to plaintext authentication. (CVE-2016-2124)
Andrew Bartlett discovered that Samba incorrectly mapping domain users to
local users. An authenticated attacker could possibly use this issue to
become root on domain members. (CVE-2020-25717)
Andrew Bartlett discovered that Samba did not properly check sensitive
attributes. An authenticated attacker could possibly use this issue to
escalate privileges. (CVE-2020-25722)
Joseph Sutton discovered that Samba incorrectly handled certain TGS
requests. An authenticated attacker could possibly use this issue to cause
Samba to crash, resulting in a denial of service. (CVE-2021-3671)
The fix for CVE-2020-25717 results in possible behaviour changes that could
affect certain environments. Please see the upstream advisory for more
information:
https://www.samba.org/samba/security/CVE-2020-25717.html
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.26
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5174-1
CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671
Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.26