Bug 1281326 (CVE-2015-5330)
| Summary: | CVE-2015-5330 samba, libldb: remote memory read in the Samba LDAP server | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | aavati, asn, carnil, gdeschner, jarrpa, jhrozek, jrusnack, nlevinki, rfortier, sbose, security-response-team, sgirijan, sisharma, slong, smohan, ssaha, vbellur |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | libldb 1.1.24, samba 4.1.22, samba 4.2.7, samba 4.3.3 | Doc Type: | Bug Fix |
| Doc Text: |
A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-01-08 12:18:53 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1290712, 1290713, 1290714, 1290715, 1290727, 1291376, 1292070 | ||
| Bug Blocks: | 1281327 | ||
|
Description
Adam Mariš
2015-11-12 10:11:10 UTC
Acknowledgements: Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Douglas Bagnall as the original reporter. Created libldb tracking bugs for this issue: Affects: fedora-all [bug 1292070] External References: https://www.samba.org/samba/security/CVE-2015-5330.html Upstream commits tagged with CVE-2015-5330. There are multiple commits for libldb using this CVE id: https://git.samba.org/?p=samba.git;a=commitdiff;h=7f51ec8c4ed9ba1f53d722e44fb6fb3cde933b72 https://git.samba.org/?p=samba.git;a=commitdiff;h=0454b95657846fcecf0f51b6f1194faac02518bd https://git.samba.org/?p=samba.git;a=commitdiff;h=f36cb71c330a52106e36028b3029d952257baf15 However, there are additional commits tagged with this CVE affecting samba code rather than libldb: https://git.samba.org/?p=samba.git;a=commitdiff;h=ba5dbda6d0174a59d221c45cca52ecd232820d48 https://git.samba.org/?p=samba.git;a=commitdiff;h=a118d4220ed85749c07fb43c1229d9e2fecbea6b https://git.samba.org/?p=samba.git;a=commitdiff;h=538d305de91e34a2938f5f219f18bf0e1918763f The non-ldb samba fixes were applied in upstream versions 4.1.22, 4.2.7, and 4.3.3. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Via RHSA-2016:0009 https://rhn.redhat.com/errata/RHSA-2016-0009.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:0006 https://rhn.redhat.com/errata/RHSA-2016-0006.html This issue has been addressed in the following products: Red Hat Gluster Storage 3.1 for RHEL 6 Red Hat Gluster Storage 3.1 for RHEL 7 Via RHSA-2016:0014 https://rhn.redhat.com/errata/RHSA-2016-0014.html This issue has been addressed in the following products: Red Hat Gluster Storage 3.1 for RHEL 7 Via RHSA-2016:0016 https://rhn.redhat.com/errata/RHSA-2016-0016.html This issue has been addressed in the following products: Red Hat Gluster Storage 3.1 for RHEL 6 Via RHSA-2016:0015 https://rhn.redhat.com/errata/RHSA-2016-0015.html |