MGASA-2023-0247
- Source
- https://advisories.mageia.org/MGASA-2023-0247.html
- Import Source
- https://advisories.mageia.org/MGASA-2023-0247.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2023-0247
- Related
- Published
- 2023-08-23T19:56:41Z
- Modified
- 2023-08-23T18:38:09Z
- Summary
- Updated samba packages fix security vulnerability
- Details
-
Out-of-bounds read due to insufficient length checks in winbinddpamauth_crap.c (CVE-2022-2127) Improper SMB2 packet signing mechanism leading to man in the middle risk (CVE-2023-3347) Infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight (CVE-2023-34966) Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight (CVE-2023-34967) Path disclosure vulnerability in the Spotlight protocol (CVE-2023-34968)
- References
-
- https://advisories.mageia.org/MGASA-2023-0247.html
- https://bugs.mageia.org/show_bug.cgi?id=32152
- https://www.samba.org/samba/security/CVE-2023-34967.html
- https://www.samba.org/samba/security/CVE-2022-2127.html
- https://www.samba.org/samba/security/CVE-2023-34968.html
- https://www.samba.org/samba/security/CVE-2023-34966.html
- https://www.samba.org/samba/security/CVE-2023-3347.html
- https://www.samba.org/samba/history/samba-4.16.11.html
- https://www.samba.org/samba/history/samba-4.17.10.html
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:8 / samba
Package
- Name
- samba
- Purl
- pkg:rpm/mageia/samba?distro=mageia-8