OESA-2021-1207

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1207
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2021-1207.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2021-1207
Upstream
Published
2021-06-07T11:02:56Z
Modified
2025-08-12T05:06:12.468389Z
Summary
samba security update
Details

Samba is a suite of programs for Linux and Unix to interoperate with Windows.

Security Fix(es):

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into Unix group IDs (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity. (CVE-2021-20254)

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. (CVE-2021-20277)

A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability. (CVE-2020-27840)

Database specific
{
    "severity": "High"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / samba

Package

Name
samba
Purl
pkg:rpm/openEuler/samba&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.11.12-4.oe1

Ecosystem specific

{
    "noarch": [
        "samba-pidl-4.11.12-4.oe1.noarch.rpm"
    ],
    "x86_64": [
        "ctdb-tests-4.11.12-4.oe1.x86_64.rpm",
        "samba-debuginfo-4.11.12-4.oe1.x86_64.rpm",
        "samba-dc-provision-4.11.12-4.oe1.x86_64.rpm",
        "samba-devel-4.11.12-4.oe1.x86_64.rpm",
        "samba-vfs-glusterfs-4.11.12-4.oe1.x86_64.rpm",
        "samba-krb5-printing-4.11.12-4.oe1.x86_64.rpm",
        "samba-common-tools-4.11.12-4.oe1.x86_64.rpm",
        "samba-dc-4.11.12-4.oe1.x86_64.rpm",
        "samba-4.11.12-4.oe1.x86_64.rpm",
        "libwbclient-devel-4.11.12-4.oe1.x86_64.rpm",
        "samba-debugsource-4.11.12-4.oe1.x86_64.rpm",
        "libsmbclient-devel-4.11.12-4.oe1.x86_64.rpm",
        "samba-common-4.11.12-4.oe1.x86_64.rpm",
        "ctdb-4.11.12-4.oe1.x86_64.rpm",
        "samba-winbind-clients-4.11.12-4.oe1.x86_64.rpm",
        "samba-libs-4.11.12-4.oe1.x86_64.rpm",
        "samba-client-4.11.12-4.oe1.x86_64.rpm",
        "samba-dc-bind-dlz-4.11.12-4.oe1.x86_64.rpm",
        "samba-test-4.11.12-4.oe1.x86_64.rpm",
        "libwbclient-4.11.12-4.oe1.x86_64.rpm",
        "samba-winbind-krb5-locator-4.11.12-4.oe1.x86_64.rpm",
        "samba-winbind-modules-4.11.12-4.oe1.x86_64.rpm",
        "python3-samba-test-4.11.12-4.oe1.x86_64.rpm",
        "samba-help-4.11.12-4.oe1.x86_64.rpm",
        "python3-samba-4.11.12-4.oe1.x86_64.rpm",
        "python3-samba-dc-4.11.12-4.oe1.x86_64.rpm",
        "libsmbclient-4.11.12-4.oe1.x86_64.rpm",
        "samba-winbind-4.11.12-4.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "libsmbclient-devel-4.11.12-4.oe1.aarch64.rpm",
        "samba-winbind-4.11.12-4.oe1.aarch64.rpm",
        "python3-samba-dc-4.11.12-4.oe1.aarch64.rpm",
        "python3-samba-test-4.11.12-4.oe1.aarch64.rpm",
        "samba-debuginfo-4.11.12-4.oe1.aarch64.rpm",
        "ctdb-tests-4.11.12-4.oe1.aarch64.rpm",
        "samba-dc-provision-4.11.12-4.oe1.aarch64.rpm",
        "samba-client-4.11.12-4.oe1.aarch64.rpm",
        "libwbclient-4.11.12-4.oe1.aarch64.rpm",
        "samba-help-4.11.12-4.oe1.aarch64.rpm",
        "samba-test-4.11.12-4.oe1.aarch64.rpm",
        "samba-4.11.12-4.oe1.aarch64.rpm",
        "samba-winbind-modules-4.11.12-4.oe1.aarch64.rpm",
        "samba-debugsource-4.11.12-4.oe1.aarch64.rpm",
        "python3-samba-4.11.12-4.oe1.aarch64.rpm",
        "samba-dc-4.11.12-4.oe1.aarch64.rpm",
        "samba-common-4.11.12-4.oe1.aarch64.rpm",
        "ctdb-4.11.12-4.oe1.aarch64.rpm",
        "libwbclient-devel-4.11.12-4.oe1.aarch64.rpm",
        "samba-krb5-printing-4.11.12-4.oe1.aarch64.rpm",
        "samba-common-tools-4.11.12-4.oe1.aarch64.rpm",
        "libsmbclient-4.11.12-4.oe1.aarch64.rpm",
        "samba-winbind-clients-4.11.12-4.oe1.aarch64.rpm",
        "samba-devel-4.11.12-4.oe1.aarch64.rpm",
        "samba-winbind-krb5-locator-4.11.12-4.oe1.aarch64.rpm",
        "samba-dc-bind-dlz-4.11.12-4.oe1.aarch64.rpm",
        "samba-libs-4.11.12-4.oe1.aarch64.rpm"
    ],
    "src": [
        "samba-4.11.12-4.oe1.src.rpm"
    ]
}