Ubuntu Security Notice 5542-1 - It was discovered that Samba did not handle MaxQueryDuration when being used in AD DC configurations, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. Luke Howard discovered that Samba incorrectly handled certain restrictions associated with changing passwords. A remote attacker being requested to change passwords could possibly use this issue to escalate privileges.
64dcd0b4e57993d8ecdb31b0a283748a7fe8d11403650392271d1261d52dc7be
==========================================================================
Ubuntu Security Notice USN-5542-1
August 01, 2022
samba vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in Samba.
Software Description:
- samba: SMB/CIFS file, print, and login server for Unix
Details:
It was discovered that Samba did not handle MaxQueryDuration when being
used in AD DC configurations, contrary to expectations. This issue only
affected Ubuntu 20.04 LTS. (CVE-2021-3670)
Luke Howard discovered that Samba incorrectly handled certain restrictions
associated with changing passwords. A remote attacker being requested to
change passwords could possibly use this issue to escalate privileges.
(CVE-2022-2031)
Luca Moro discovered that Samba incorrectly handled certain SMB1
communications. A remote attacker could possibly use this issue to obtain
sensitive memory contents. (CVE-2022-32742)
Joseph Sutton discovered that Samba incorrectly handled certain password
change requests. A remote attacker could use this issue to change passwords
of other users, resulting in privilege escalation. (CVE-2022-32744)
Joseph Sutton discovered that Samba incorrectly handled certain LDAP add or
modify requests. A remote attacker could possibly use this issue to cause
Samba to crash, resulting in a denial of service. (CVE-2022-32745)
Joseph Sutton and Andrew Bartlett discovered that Samba incorrectly handled
certain LDAP add or modify requests. A remote attacker could possibly use
this issue to cause Samba to crash, resulting in a denial of service.
(CVE-2022-32746)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS:
samba 2:4.15.9+dfsg-0ubuntu0.2
Ubuntu 20.04 LTS:
samba 2:4.13.17~dfsg-0ubuntu1.20.04.1
The update for Ubuntu 22.04 LTS uses a new upstream release, which includes
additional bug fixes. In general, a standard system update will make all
the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5542-1
CVE-2021-3670, CVE-2022-2031, CVE-2022-32742, CVE-2022-32744,
CVE-2022-32745, CVE-2022-32746
Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.15.9+dfsg-0ubuntu0.2
https://launchpad.net/ubuntu/+source/samba/2:4.13.17~dfsg-0ubuntu1.20.04.1