Bug 2182772 (CVE-2023-0225)
Summary: | CVE-2023-0225 samba: AD DC "dnsHostname" attribute can be deleted by unprivileged authenticated users | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | abokovoy, anoopcs, asn, dkarpele, nobody, pfilipen, rhs-smb |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Fixed In Version: | samba 4.18.1, samba 4.17.7, samba 4.16.10 | Doc Type: | If docs needed, set a value |
Doc Text: | A vulnerability was found in Samba. An incomplete access check on the dnsHostName attribute allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. |
Last Closed: | 2023-03-30 08:34:58 UTC | Type: | --- |
Bug Depends On: | 2182773 | ||
Bug Blocks: | 2182778 |
Description
Pedro Sampaio
2023-03-29 15:06:17 UTC
Created samba tracking bugs for this issue:

Affects: fedora-all [bug 2182773]

The samba package as shipped with Red Hat Enterprise Linux 6, 7, 8 and 9 and Red Hat Gluster is not affected by this issue as Red Hat doesn't provide the AD domain controller capability with it.

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-0225