Bug 1763137 (CVE-2019-10218)
Summary: | CVE-2019-10218 samba: smb client vulnerable to filenames containing path separators | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Siddharth Sharma <sisharma> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | abokovoy, anoopcs, asn, dblechte, dfediuck, eedri, gdeschner, hvyas, iboukris, jarrpa, jstephen, lmohanty, madam, mgoldboi, michal.skrivanek, puebele, rhs-smb, sbonazzo, sbose, security-response-team, sherold, sisharma, ssorce, vbellur, yturgema |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | samba 4.9.15, samba 4.10.10, samba 4.11.2 | Doc Type: | If docs needed, set a value |
Doc Text: |
A flaw was found in the Samba client where a malicious server can supply the client with a pathname containing path separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working directory using the privileges of the client user.
|
Last Closed: | 2020-03-23 16:31:53 UTC | Type: | --- |
Bug Depends On: | 1764468, 1764469, 1764471, 1766558 | ||
Bug Blocks: | 1763144 |
Description
Siddharth Sharma
2019-10-18 10:26:45 UTC
Acknowledgments:

Name: the Samba project
Upstream: Michael Hanselmann

External References:

https://www.samba.org/samba/security/CVE-2019-10218.html

Created samba tracking bugs for this issue:

Affects: fedora-all [bug 1766558]

This issue has been addressed in the following products:

Red Hat Gluster Storage 3.5 for RHEL 7

Via RHSA-2020:0943 https://access.redhat.com/errata/RHSA-2020:0943

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-10218

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7

Via RHSA-2020:1084 https://access.redhat.com/errata/RHSA-2020:1084

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8

Via RHSA-2020:1878 https://access.redhat.com/errata/RHSA-2020:1878