CVE-2023-34966

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-34966

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-34966.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-34966

Related

Published

2023-07-20T15:15:11Z

Modified

2024-09-16T15:47:18.632291Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function slunpackloop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.

References

Affected packages

Debian:11 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.13.13+dfsg-1~deb11u6

Affected versions

2:4.*

2:4.13.5+dfsg-2

2:4.13.13+dfsg-1~deb11u1

2:4.13.13+dfsg-1~deb11u2

2:4.13.13+dfsg-1~deb11u3

2:4.13.13+dfsg-1~deb11u4

2:4.13.13+dfsg-1~deb11u5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.17.10+dfsg-0+deb12u1

Affected versions

2:4.*

2:4.17.8+dfsg-2

2:4.17.9+dfsg-0+deb12u1

2:4.17.9+dfsg-0+deb12u2

2:4.17.9+dfsg-0+deb12u3~bpo11+1

2:4.17.9+dfsg-0+deb12u3

2:4.17.10+dfsg-0+deb12u1~bpo11+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / samba

Package

Name: samba
Purl: pkg:deb/debian/samba?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:4.18.5+dfsg-1

Affected versions

2:4.*

2:4.17.8+dfsg-2

2:4.18.0~rc1+dfsg-1exp

2:4.18.0~rc2+dfsg-1

2:4.18.0~rc3+dfsg-1

2:4.18.0~rc4+dfsg-1

2:4.18.0+dfsg-1~exp1

2:4.18.1+dfsg-1~exp1

2:4.18.2+dfsg-1

2:4.18.3+dfsg-1

2:4.18.3+dfsg-2

2:4.18.3+dfsg-3

2:4.18.4+dfsg-1

2:4.18.4+dfsg-2~bpo12+1

2:4.18.4+dfsg-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/samba-team/samba

Affected ranges

Type: GIT
Repo: https://github.com/samba-team/samba
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

225a003a043eee399b6d266d94440c399b6877e4

Affected versions

ldb-1.*

ldb-1.1.0

ldb-1.1.10

ldb-1.1.11

ldb-1.1.12

ldb-1.1.13

ldb-1.1.14

ldb-1.1.15

ldb-1.1.16

ldb-1.1.17

ldb-1.1.18

ldb-1.1.19

ldb-1.1.2

ldb-1.1.20

ldb-1.1.21

ldb-1.1.22

ldb-1.1.23

ldb-1.1.24

ldb-1.1.25

ldb-1.1.26

ldb-1.1.27

ldb-1.1.28

ldb-1.1.29

ldb-1.1.3

ldb-1.1.30

ldb-1.1.31

ldb-1.1.4

ldb-1.1.5

ldb-1.1.6

ldb-1.1.8

ldb-1.1.9

ldb-1.2.0

ldb-1.2.1

ldb-1.2.2

ldb-1.3.0

ldb-1.3.1

ldb-1.3.2

ldb-1.4.0

ldb-1.4.1

ldb-1.5.0

ldb-1.5.1

ldb-1.5.2

ldb-1.6.1

ldb-1.6.2

ldb-1.6.3

ldb-2.*

ldb-2.0.5

ldb-2.1.0

ldb-2.1.1

ldb-2.2.0

ldb-2.4.0

ldb-2.5.0

ldb-2.5.1

ldb-2.5.2

ldb-2.5.3

samba-4.*

samba-4.0.0alpha10

samba-4.0.0alpha11

samba-4.0.0alpha13

samba-4.0.0alpha14

samba-4.0.0alpha15

samba-4.0.0alpha16

samba-4.0.0alpha17

samba-4.0.0alpha18

samba-4.0.0alpha19

samba-4.0.0alpha20

samba-4.0.0alpha21

samba-4.0.0alpha6

samba-4.0.0alpha7

samba-4.0.0alpha8

samba-4.0.0alpha9

samba-4.0.0beta1

samba-4.0.0beta2

samba-4.0.0beta3

samba-4.0.0beta4

samba-4.0.0beta5

samba-4.0.0beta6

samba-4.0.0beta7

samba-4.0.0beta8

samba-4.0.0rc1

samba-4.10.0rc1

samba-4.11.0rc1

samba-4.12.0rc1

samba-4.13.0rc1

samba-4.14.0rc1

samba-4.15.0rc1

samba-4.16.0

samba-4.16.0rc1

samba-4.16.0rc2

samba-4.16.0rc3

samba-4.16.0rc4

samba-4.16.0rc5

samba-4.16.1

samba-4.16.10

samba-4.16.2

samba-4.16.3

samba-4.16.4

samba-4.16.5

samba-4.16.6

samba-4.16.7

samba-4.16.8

samba-4.16.9

samba-4.2.0rc1

samba-4.3.0rc1

samba-4.4.0rc1

samba-4.5.0rc1

samba-4.6.0rc1

samba-4.7.0rc1

samba-4.8.0rc1

samba-4.9.0rc1

talloc-1.*

talloc-1.3.1

talloc-2.*

talloc-2.0.0

talloc-2.0.1

talloc-2.0.7

talloc-2.0.8

talloc-2.1.0

talloc-2.1.1

talloc-2.1.10

talloc-2.1.11

talloc-2.1.12

talloc-2.1.13

talloc-2.1.14

talloc-2.1.15

talloc-2.1.16

talloc-2.1.2

talloc-2.1.3

talloc-2.1.4

talloc-2.1.5

talloc-2.1.6

talloc-2.1.7

talloc-2.1.8

talloc-2.1.9

talloc-2.2.0

talloc-2.3.0

talloc-2.3.1

talloc-2.3.2

talloc-2.3.3

tdb-1.*

tdb-1.1.5

tdb-1.2.0

tdb-1.2.1

tdb-1.2.10

tdb-1.2.11

tdb-1.2.12

tdb-1.2.13

tdb-1.3.0

tdb-1.3.1

tdb-1.3.10

tdb-1.3.11

tdb-1.3.12

tdb-1.3.13

tdb-1.3.14

tdb-1.3.15

tdb-1.3.16

tdb-1.3.17

tdb-1.3.18

tdb-1.3.2

tdb-1.3.3

tdb-1.3.4

tdb-1.3.5

tdb-1.3.6

tdb-1.3.7

tdb-1.3.8

tdb-1.3.9

tdb-1.4.0

tdb-1.4.1

tdb-1.4.2

tdb-1.4.3

tdb-1.4.4

tdb-1.4.5

tdb-1.4.6

tevent-0.*

tevent-0.10.0

tevent-0.10.1

tevent-0.10.2

tevent-0.11.0

tevent-0.9.11

tevent-0.9.12

tevent-0.9.13

tevent-0.9.14

tevent-0.9.15

tevent-0.9.16

tevent-0.9.17

tevent-0.9.18

tevent-0.9.19

tevent-0.9.20

tevent-0.9.21

tevent-0.9.22

tevent-0.9.23

tevent-0.9.24

tevent-0.9.25

tevent-0.9.26

tevent-0.9.27

tevent-0.9.28

tevent-0.9.29

tevent-0.9.30

tevent-0.9.31

tevent-0.9.32

tevent-0.9.33

tevent-0.9.34

tevent-0.9.35

tevent-0.9.36

tevent-0.9.37

tevent-0.9.38

tevent-0.9.39

tevent-0.9.8