DEBIAN-CVE-2023-34967
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-34967
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-34967.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-34967
- Upstream
- Published
- 2023-07-20T15:15:11Z
- Modified
- 2025-09-19T07:33:20.547452Z
- Summary
- [none]
- Details
-
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dallocvalueforkey() function, which returns the object associated with a key, a caller may trigger a crash in tallocget_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.
- References
Affected packages
Debian:11 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2:4.13.13+dfsg-1~deb11u6
Debian:12 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2:4.17.10+dfsg-0+deb12u1
Debian:13 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source
Debian:14 / samba
Package
- Name
- samba
- Purl
- pkg:deb/debian/samba?arch=source