Bug 785746 (CVE-2012-0817)

Summary: CVE-2012-0817 samba: DoS (smbd crash) due memory leak in management of fds for socket connections
Product: [Other] Security Response Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: asn, gdeschner, mbarnes, prc, sbose, ssorce, steved
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-01-26 22:29:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 785753    
Bug Blocks:    

Description Jan Lieskovsky 2012-01-30 14:23:04 UTC 
A memory leak leading to denial of service (smbd crash) was found in the way smbd daemon of the Samba suite performed management of file descriptors related to socket connections. A remote attacker could use this flaw to cause excessive CPU use, or, potentially denial of service via loop of incoming connections.

Upstream advisory:
[1] http://www.samba.org/samba/security/CVE-2012-0817

Relevant patch:
[2] http://www.samba.org/samba/ftp/patches/security/samba-3.6.2-CVE-2012-0817.patch
Comment 1 Jan Lieskovsky 2012-01-30 14:41:05 UTC 
This issue did NOT affect the version of the samba package, as shipped with Red Hat Enterprise Linux 4.

This issue did NOT affect the versions of the samba and samba3x package, as shipped with Red Hat Enterprise Linux 5.

This issue did NOT affect the versions of the samba and samba4 package, as shipped with Red Hat Enterprise Linux 6.

--

This issue did NOT affect the version of the samba package, as shipped with Fedora release of 15.

This issue affects the version of the samba package, as shipped with Fedora release of 16. Please schedule an update.
Comment 2 Jan Lieskovsky 2012-01-30 14:42:10 UTC 
Created samba tracking bugs for this issue

Affects: fedora-16 [bug 785753]
Comment 3 Jan Lieskovsky 2012-01-30 14:44:04 UTC 
Statement:

Not vulnerable. This issue did not affect the versions of samba as shipped with Red Hat Enterprise Linux 4, 5, and 6. This issue did not affect the version of samba3x as shipped with Red Hat Enterprise Linux 5. This issue did not affect the version of samba4 as shipped with Red Hat Enterprise Linux 6.
Comment 4 Fedora Update System 2012-02-08 22:59:33 UTC 
samba-3.6.3-78.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.