Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1512465 - (CVE-2017-15275) CVE-2017-15275 samba: Server heap-memory disclosure
CVE-2017-15275 samba: Server heap-memory disclosure
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20171121,repor...
: Security
Depends On: 1512817 1514313 1514314 1514315 1514316 1515692 1531098
Blocks: 1512469
  Show dependency treegraph
 
Reported: 2017-11-13 05:10 EST by Huzaifa S. Sidhpurwala
Modified: 2018-02-12 04:10 EST (History)
18 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Samba Project 13077 None None None 2017-11-14 05:46 EST
Red Hat Product Errata RHSA-2017:3260 normal SHIPPED_LIVE Important: samba security update 2017-11-27 04:39:33 EST
Red Hat Product Errata RHSA-2017:3261 normal SHIPPED_LIVE Important: samba security update 2017-11-27 04:13:12 EST
Red Hat Product Errata RHSA-2017:3278 normal SHIPPED_LIVE Important: samba4 security update 2017-11-29 08:03:46 EST

  None (edit)
Description Huzaifa S. Sidhpurwala 2017-11-13 05:10:52 EST 
As per upstream samba advisory:

All versions of Samba from 3.6.0 onwards are vulnerable to a heap memory information leak, where server allocated heap memory may be returned to the client without being cleared.

There is no known vulnerability associated with this error, but uncleared heap memory may contain previously used data that may help an attacker compromise the  server via other methods. Uncleared heap memory may potentially contain password hashes or other high-value data.
Comment 1 Huzaifa S. Sidhpurwala 2017-11-13 05:11:00 EST 
Acknowledgements:

Name: the Samba project
Upstream: Volker Lendecke (SerNet and the Samba Team)
Comment 4 Huzaifa S. Sidhpurwala 2017-11-21 03:59:44 EST 
External References:

https://www.samba.org/samba/security/CVE-2017-15275.html
Comment 5 Huzaifa S. Sidhpurwala 2017-11-21 04:01:05 EST 
Created samba tracking bugs for this issue:

Affects: fedora-all [bug 1515692]
Comment 6 errata-xmlrpc 2017-11-26 23:13:48 EST 
This issue has been addressed in the following products:

  Red Hat Gluster Storage 3.3 for RHEL 6
  Red Hat Gluster Storage 3.3 for RHEL 7

Via RHSA-2017:3261 https://access.redhat.com/errata/RHSA-2017:3261
Comment 7 errata-xmlrpc 2017-11-26 23:40:04 EST 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2017:3260 https://access.redhat.com/errata/RHSA-2017:3260
Comment 8 errata-xmlrpc 2017-11-29 03:04:22 EST 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2017:3278 https://access.redhat.com/errata/RHSA-2017:3278
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.