Quoting upcoming Samba security advisory:
Subject: Remote DoS against smbd on authenticated connections
Versions: All known versions of samba
Summary: Specially crafted SMB requests on authenticated SMB connections can send smbd into a 100% CPU loop, causing a DoS on the Samba server
Description: Smbd is susceptible to a remote DoS attack by an authenticated remote client. If the client sends a reply to an oplock break notification that Samba does not expect it can cause smbd to spin the CPU repeatedly trying to process the unexpected packet and being unable to finish the processing. This is unlikely to happen with normal client activity (although not impossible).
Created attachment 363297 [details] Upstream patch - 3.0.x
Created attachment 363298 [details] Upstream patch - 3.2.x
Created attachment 363299 [details] Upstream patch - 3.3.x
Created attachment 363300 [details] Upstream patch - 3.4.x
Upstream advisory: http://www.samba.org/samba/security/CVE-2009-2906.html
Fixed upstream in: 3.0.37, 3.2.15, 3.3.8 and 3.4.2
samba-3.2.15-0.36.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
samba-3.4.2-0.42.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products:
Red Hat Enterprise Linux 3
Via RHSA-2009:1528 https://rhn.redhat.com/errata/RHSA-2009-1528.html
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2009:1529 https://rhn.redhat.com/errata/RHSA-2009-1529.html
This issue has been addressed in following products:
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1585 https://rhn.redhat.com/errata/RHSA-2009-1585.html