Bug 601419 (CVE-2010-2063) - CVE-2010-2063 samba: memory corruption vulnerability
Summary: CVE-2010-2063 samba: memory corruption vulnerability
Alias: CVE-2010-2063
Product: Security Response
Classification: Other
Component: vulnerability   
(Show other bugs)
Version: unspecified
Hardware: All Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Whiteboard: impact=critical,public=20100616,repor...
Keywords: Security
Depends On: 602317 602318 602319 602320 602321 602322 602323 602652 602655 602656
TreeView+ depends on / blocked
Reported: 2010-06-07 22:02 UTC by Vincent Danen
Modified: 2018-02-12 16:56 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-07-08 16:22:20 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2010:0488 normal SHIPPED_LIVE Critical: samba and samba3x security update 2010-06-16 21:36:09 UTC

Description Vincent Danen 2010-06-07 22:02:08 UTC
A memory corruption vulnerability exists in the chain_reply() function in Samba 3.3.12 and earlier.  3.4.x and later are not affected.  This flaw could allow a remote, unauthenticated attacker, to crash the samba server or, possibly, execute arbitrary code with the privileges of the samba server.


Red Hat would like to thank the Samba team for responsibly reporting this issue. Upstream acknowledges Jun Mao as the original reporter.

Comment 9 Josh Bressers 2010-06-16 13:55:29 UTC
This is now public:

Comment 10 errata-xmlrpc 2010-06-16 21:36:22 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 3
  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 5.3.Z - Server Only
  Red Hat Enterprise Linux 5.4.Z - Server Only
  Red Hat Enterprise Linux 4.7 Z Stream

Via RHSA-2010:0488 https://rhn.redhat.com/errata/RHSA-2010-0488.html

Note You need to log in before you can comment on or make changes to this bug.