Samba Multiple Vulnerabilities
Release Date: 10 Nov 2021
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Samba. A remote attacker could exploit some of these vulnerabilities to trigger a denial of service condition, elevation of privilege and security restriction bypass on the targeted system.
Impact
- Denial of Service
- Elevation of Privilege
- Security Restriction Bypass
System / Technologies affected
- Samba 3.0 and later versions
Solutions
Before installing the software, please visit the vendor website for more details.
Samba users running affected versions are advised to upgrade or apply the patch as soon as possible.
- Apply fixes issued by the vendor:
  - patch for Samba 4.15.1
  - patch for Samba 4.14.9
  - patch for Samba 4.13.13
- Upgrade to:
  - Samba 4.15.2
  - Samba 4.14.10
  - Samba 4.13.14
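One way to check a version inventory against the fixed releases listed above (an added example, not part of the original advisory or of Samba's own tooling). The host names and sample lines are constructed; it assumes version strings in the form printed by `smbd --version` and that branches newer than 4.15 already carry the fixes.

```python
import re

# Fixed releases listed in this advisory, keyed by (major, minor) branch.
FIXED = {(4, 15): 2, (4, 14): 10, (4, 13): 14}
NEWEST_FIXED_BRANCH = max(FIXED)

# Constructed sample inventory: "<host> <output of smbd --version>".
SAMPLE = """\
fs01 Version 4.15.1
fs02 Version 4.14.10
fs03 Version 4.13.13-Debian
nas04 Version 4.9.5
dc05 Version 4.15.2
"""


def parse_version(text):
    """Extract (major, minor, patch) from `smbd --version` style output."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no Samba version found in {text!r}")
    return tuple(int(x) for x in m.groups())


def classify(text):
    """Return (status, detail) for one version string."""
    major, minor, patch = parse_version(text)
    branch = (major, minor)
    if major < 3:
        return "not-listed", "older than the affected range (3.0 and later)"
    if branch in FIXED:
        fixed = f"{major}.{minor}.{FIXED[branch]}"
        if patch >= FIXED[branch]:
            return "fixed", f"at or above {fixed}"
        return "upgrade", f"upgrade to {fixed} or apply the vendor patch"
    if branch > NEWEST_FIXED_BRANCH:
        # Assumption: releases after the 4.15 branch include these fixes.
        return "fixed", "branch is newer than 4.15"
    return "upgrade", "no fixed release listed for this branch; move to 4.13.14 or later"


def audit(inventory):
    """Return (host, detail) for every host that still needs action."""
    findings = []
    for line in inventory.strip().splitlines():
        host, _, banner = line.partition(" ")
        status, detail = classify(banner)
        if status == "upgrade":
            findings.append((host, detail))
    return findings
```

A distribution suffix such as `-Debian` means the package may carry backported fixes under an older upstream version number, so confirm flagged hosts against the distribution's own advisory before treating them as unpatched.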
Vulnerability Identifier
- CVE-2016-2124
- CVE-2020-25717
- CVE-2020-25718
- CVE-2020-25719
- CVE-2020-25721
- CVE-2020-25722
- CVE-2021-3738
- CVE-2021-23192
Source
Related Link
- https://us-cert.cisa.gov/ncas/current-activity/2021/11/09/samba-releases-security-updates
- https://www.samba.org/samba/history/security.html
- https://www.samba.org/samba/security/CVE-2016-2124.html
- https://www.samba.org/samba/security/CVE-2020-25717.html
- https://www.samba.org/samba/security/CVE-2020-25718.html
- https://www.samba.org/samba/security/CVE-2020-25719.html
- https://www.samba.org/samba/security/CVE-2020-25721.html
- https://www.samba.org/samba/security/CVE-2020-25722.html
- https://www.samba.org/samba/security/CVE-2021-3738.html
- https://www.samba.org/samba/security/CVE-2021-23192.html