OESA-2021-1461
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1461
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2021-1461.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2021-1461
- Upstream
- Published
- 2021-12-10T11:03:24Z
- Modified
- 2025-08-12T05:03:41.448536Z
- Summary
- samba security update
- Details
-
Samba is a suite of programs for Linux and Unix to interoperate with Windows.
Security Fix(es):
A flaw was discovered in the way samba implements SMB1 authentication. Even if Kerberos authentication is required, an attacker can use this flaw to retrieve the clear text password sent over the wire.(CVE-2016-2124)
Several flaws were found in the way that samba AD DC implements storage data access and consistency checking. Attackers can use this flaw to cause damage to the entire domain.(CVE-2020-25722)
A use-after-free issue was found in the Samba AD DC RPC server, which may allow handles to point to different user states, leading to more privileged access.(CVE-2021-3738)
A flaw was found in the way that samba as an AD domain controller can support RODC. This will allow RODC to print administrator credentials.(CVE-2020-25718)
A flaw was discovered in the way that Samba, as an AD domain controller, implements Kerberos name-based authentication. If Samba AD DC does not strictly require Kerberos PAC and always uses the SID found in it, it may not be able to distinguish the user represented by the credential.(CVE-2020-25719)
The AD Kerberos acceptance service in Samba cannot perform authorization by accessing the user's unique and long-term stable identifier.(CVE-2020-25721)
- Database specific
{ "severity": "High" }- References
-
- https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1461
- https://nvd.nist.gov/vuln/detail/CVE-2016-2124
- https://nvd.nist.gov/vuln/detail/CVE-2020-25722
- https://nvd.nist.gov/vuln/detail/CVE-2021-3738
- https://nvd.nist.gov/vuln/detail/CVE-2020-25718
- https://nvd.nist.gov/vuln/detail/CVE-2020-25719
- https://nvd.nist.gov/vuln/detail/CVE-2020-25721
Affected packages
openEuler:20.03-LTS-SP1 / samba
Package
- Name
- samba
- Purl
- pkg:rpm/openEuler/samba&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.11.12-8.oe1
Ecosystem specific
{
"src": [
"samba-4.11.12-8.oe1.src.rpm"
],
"x86_64": [
"samba-vfs-glusterfs-4.11.12-8.oe1.x86_64.rpm",
"samba-dc-4.11.12-8.oe1.x86_64.rpm",
"samba-winbind-krb5-locator-4.11.12-8.oe1.x86_64.rpm",
"samba-4.11.12-8.oe1.x86_64.rpm",
"ctdb-4.11.12-8.oe1.x86_64.rpm",
"samba-debuginfo-4.11.12-8.oe1.x86_64.rpm",
"samba-common-4.11.12-8.oe1.x86_64.rpm",
"libsmbclient-devel-4.11.12-8.oe1.x86_64.rpm",
"samba-dc-bind-dlz-4.11.12-8.oe1.x86_64.rpm",
"samba-krb5-printing-4.11.12-8.oe1.x86_64.rpm",
"libwbclient-4.11.12-8.oe1.x86_64.rpm",
"samba-devel-4.11.12-8.oe1.x86_64.rpm",
"samba-winbind-4.11.12-8.oe1.x86_64.rpm",
"libwbclient-devel-4.11.12-8.oe1.x86_64.rpm",
"samba-client-4.11.12-8.oe1.x86_64.rpm",
"samba-debugsource-4.11.12-8.oe1.x86_64.rpm",
"samba-dc-provision-4.11.12-8.oe1.x86_64.rpm",
"samba-winbind-clients-4.11.12-8.oe1.x86_64.rpm",
"python3-samba-test-4.11.12-8.oe1.x86_64.rpm",
"samba-common-tools-4.11.12-8.oe1.x86_64.rpm",
"python3-samba-dc-4.11.12-8.oe1.x86_64.rpm",
"samba-test-4.11.12-8.oe1.x86_64.rpm",
"python3-samba-4.11.12-8.oe1.x86_64.rpm",
"samba-winbind-modules-4.11.12-8.oe1.x86_64.rpm",
"samba-help-4.11.12-8.oe1.x86_64.rpm",
"libsmbclient-4.11.12-8.oe1.x86_64.rpm",
"ctdb-tests-4.11.12-8.oe1.x86_64.rpm",
"samba-libs-4.11.12-8.oe1.x86_64.rpm"
],
"aarch64": [
"samba-winbind-modules-4.11.12-8.oe1.aarch64.rpm",
"samba-4.11.12-8.oe1.aarch64.rpm",
"libwbclient-4.11.12-8.oe1.aarch64.rpm",
"samba-winbind-4.11.12-8.oe1.aarch64.rpm",
"libsmbclient-4.11.12-8.oe1.aarch64.rpm",
"python3-samba-4.11.12-8.oe1.aarch64.rpm",
"libwbclient-devel-4.11.12-8.oe1.aarch64.rpm",
"libsmbclient-devel-4.11.12-8.oe1.aarch64.rpm",
"samba-winbind-krb5-locator-4.11.12-8.oe1.aarch64.rpm",
"samba-client-4.11.12-8.oe1.aarch64.rpm",
"ctdb-tests-4.11.12-8.oe1.aarch64.rpm",
"samba-krb5-printing-4.11.12-8.oe1.aarch64.rpm",
"ctdb-4.11.12-8.oe1.aarch64.rpm",
"samba-debugsource-4.11.12-8.oe1.aarch64.rpm",
"samba-debuginfo-4.11.12-8.oe1.aarch64.rpm",
"samba-dc-provision-4.11.12-8.oe1.aarch64.rpm",
"samba-devel-4.11.12-8.oe1.aarch64.rpm",
"samba-help-4.11.12-8.oe1.aarch64.rpm",
"samba-dc-4.11.12-8.oe1.aarch64.rpm",
"python3-samba-dc-4.11.12-8.oe1.aarch64.rpm",
"samba-dc-bind-dlz-4.11.12-8.oe1.aarch64.rpm",
"samba-libs-4.11.12-8.oe1.aarch64.rpm",
"samba-winbind-clients-4.11.12-8.oe1.aarch64.rpm",
"samba-common-4.11.12-8.oe1.aarch64.rpm",
"samba-test-4.11.12-8.oe1.aarch64.rpm",
"python3-samba-test-4.11.12-8.oe1.aarch64.rpm",
"samba-common-tools-4.11.12-8.oe1.aarch64.rpm"
],
"noarch": [
"samba-pidl-4.11.12-8.oe1.noarch.rpm"
]
}
openEuler:20.03-LTS-SP2 / samba
Package
- Name
- samba
- Purl
- pkg:rpm/openEuler/samba&distro=openEuler-20.03-LTS-SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.11.12-8.oe1
Ecosystem specific
{
"src": [
"samba-4.11.12-8.oe1.src.rpm"
],
"x86_64": [
"samba-dc-4.11.12-8.oe1.x86_64.rpm",
"samba-test-4.11.12-8.oe1.x86_64.rpm",
"python3-samba-test-4.11.12-8.oe1.x86_64.rpm",
"samba-dc-provision-4.11.12-8.oe1.x86_64.rpm",
"samba-krb5-printing-4.11.12-8.oe1.x86_64.rpm",
"samba-vfs-glusterfs-4.11.12-8.oe1.x86_64.rpm",
"samba-winbind-modules-4.11.12-8.oe1.x86_64.rpm",
"samba-winbind-krb5-locator-4.11.12-8.oe1.x86_64.rpm",
"libwbclient-devel-4.11.12-8.oe1.x86_64.rpm",
"samba-dc-bind-dlz-4.11.12-8.oe1.x86_64.rpm",
"ctdb-4.11.12-8.oe1.x86_64.rpm",
"samba-help-4.11.12-8.oe1.x86_64.rpm",
"samba-common-4.11.12-8.oe1.x86_64.rpm",
"samba-common-tools-4.11.12-8.oe1.x86_64.rpm",
"ctdb-tests-4.11.12-8.oe1.x86_64.rpm",
"samba-winbind-clients-4.11.12-8.oe1.x86_64.rpm",
"samba-debugsource-4.11.12-8.oe1.x86_64.rpm",
"samba-devel-4.11.12-8.oe1.x86_64.rpm",
"samba-debuginfo-4.11.12-8.oe1.x86_64.rpm",
"samba-client-4.11.12-8.oe1.x86_64.rpm",
"libwbclient-4.11.12-8.oe1.x86_64.rpm",
"samba-4.11.12-8.oe1.x86_64.rpm",
"libsmbclient-devel-4.11.12-8.oe1.x86_64.rpm",
"libsmbclient-4.11.12-8.oe1.x86_64.rpm",
"samba-libs-4.11.12-8.oe1.x86_64.rpm",
"python3-samba-4.11.12-8.oe1.x86_64.rpm",
"samba-winbind-4.11.12-8.oe1.x86_64.rpm",
"python3-samba-dc-4.11.12-8.oe1.x86_64.rpm"
],
"aarch64": [
"libwbclient-4.11.12-8.oe1.aarch64.rpm",
"samba-winbind-krb5-locator-4.11.12-8.oe1.aarch64.rpm",
"python3-samba-4.11.12-8.oe1.aarch64.rpm",
"samba-winbind-modules-4.11.12-8.oe1.aarch64.rpm",
"samba-dc-provision-4.11.12-8.oe1.aarch64.rpm",
"samba-help-4.11.12-8.oe1.aarch64.rpm",
"samba-libs-4.11.12-8.oe1.aarch64.rpm",
"samba-krb5-printing-4.11.12-8.oe1.aarch64.rpm",
"ctdb-4.11.12-8.oe1.aarch64.rpm",
"python3-samba-dc-4.11.12-8.oe1.aarch64.rpm",
"samba-4.11.12-8.oe1.aarch64.rpm",
"samba-debugsource-4.11.12-8.oe1.aarch64.rpm",
"samba-devel-4.11.12-8.oe1.aarch64.rpm",
"ctdb-tests-4.11.12-8.oe1.aarch64.rpm",
"samba-dc-bind-dlz-4.11.12-8.oe1.aarch64.rpm",
"samba-winbind-4.11.12-8.oe1.aarch64.rpm",
"samba-winbind-clients-4.11.12-8.oe1.aarch64.rpm",
"samba-debuginfo-4.11.12-8.oe1.aarch64.rpm",
"samba-client-4.11.12-8.oe1.aarch64.rpm",
"samba-test-4.11.12-8.oe1.aarch64.rpm",
"libsmbclient-4.11.12-8.oe1.aarch64.rpm",
"libsmbclient-devel-4.11.12-8.oe1.aarch64.rpm",
"samba-common-4.11.12-8.oe1.aarch64.rpm",
"libwbclient-devel-4.11.12-8.oe1.aarch64.rpm",
"python3-samba-test-4.11.12-8.oe1.aarch64.rpm",
"samba-dc-4.11.12-8.oe1.aarch64.rpm",
"samba-common-tools-4.11.12-8.oe1.aarch64.rpm"
],
"noarch": [
"samba-pidl-4.11.12-8.oe1.noarch.rpm"
]
}