As per upstream advisory: It's possible for an attacker to downgrade the required signing for an SMB2/3 client connection, by injecting the SMB2_SESSION_FLAG_IS_GUEST or SMB2_SESSION_FLAG_IS_NULL flags. This applies to the combination of "client ipc signing" and "client ipc max protocol" in their effective default settings ("mandatory" and "SMB3_11"). The combination of "client signing" and "client max protocol" is also affected, but only if "client signing" is explicitly set (as the effective default is "if_required") and "client max protocol" is explicitly set to SMB2 or higher.
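The advisory text above describes which client-side smb.conf combinations are exposed to the signing downgrade. The following added example (not code from the Samba project or this bug report) reads the [global] section of an smb.conf and reports which of the two option pairs is in an affected state, using the effective defaults quoted in the advisory; the set of spellings treated as "mandatory" signing and the sample configurations are assumptions of the example.

```python
# Effective defaults quoted in the advisory for the options it names.
DEFAULTS = {
    "clientipcsigning": "mandatory",
    "clientipcmaxprotocol": "SMB3_11",
    "clientsigning": "if_required",
}
# Assumption: value spellings treated here as "signing is mandatory".
MANDATORY = {"mandatory", "required", "force", "forced", "yes", "true"}

def parse_global(text):
    """Return {normalised option: value} for the [global] section.
    Names are lower-cased with spaces removed, mirroring Samba's case-
    and whitespace-insensitive parameter matching (assumption)."""
    opts, in_global = {}, True   # options before any [section] are global
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            in_global = line[1:-1].strip().lower() == "global"
            continue
        if in_global and "=" in line:
            key, val = line.split("=", 1)
            opts[key.strip().lower().replace(" ", "")] = val.strip()
    return opts

def is_smb2_or_higher(proto):
    """SMB2 session-setup flags only matter once SMB2/3 is negotiable."""
    return proto.upper().startswith(("SMB2", "SMB3"))

def affected_combinations(text):
    """Return the affected option pairs: 'ipc' and/or 'client'."""
    o = parse_global(text)
    hits = []
    # IPC pair: the effective defaults are already the affected combination.
    ipc_sign = o.get("clientipcsigning", DEFAULTS["clientipcsigning"]).lower()
    ipc_max = o.get("clientipcmaxprotocol", DEFAULTS["clientipcmaxprotocol"])
    if ipc_sign in MANDATORY and is_smb2_or_higher(ipc_max):
        hits.append("ipc")
    # Non-IPC pair: only when "client signing" is explicitly mandatory AND
    # "client max protocol" is explicitly SMB2 or higher (default: if_required).
    if (o.get("clientsigning", "").lower() in MANDATORY
            and is_smb2_or_higher(o.get("clientmaxprotocol", ""))):
        hits.append("client")
    return hits

# Constructed sample configurations (not taken from the advisory).
DEFAULT_CONF = "[global]\n   workgroup = EXAMPLE\n"
EXPLICIT_CONF = ("[global]\n   client signing = mandatory\n"
                 "   client max protocol = SMB3\n")
```

A stock configuration reports only the IPC pair; the second sample reports both, because it explicitly sets the non-IPC options the advisory names.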
Acknowledgments:

Name: the Samba project
Upstream: Stefan Metzmacher
Public via: https://www.samba.org/samba/security/CVE-2016-2119.html
Created samba tracking bugs for this issue:

Affects: fedora-all [bug 1353504]
samba-4.4.5-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
samba-4.3.11-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Upstream commits:

https://git.samba.org/?p=samba.git;a=commitdiff;h=46b5e4aca6adb12a27efaad3bfe66c2d8a82ec95
https://git.samba.org/?p=samba.git;a=commitdiff;h=94295b7aa22d2544af5323bca70d3dcb97fd7c64
https://git.samba.org/?p=samba.git;a=commitdiff;h=f7e1a590cc8246514445cb287541e6d5dca6c699

Upstream bug (still not public): https://bugzilla.samba.org/show_bug.cgi?id=11860
This issue has been addressed in the following products:

Red Hat Enterprise Linux 6

Via RHSA-2016:1487 https://rhn.redhat.com/errata/RHSA-2016-1487.html
This issue has been addressed in the following products:

Red Hat Enterprise Linux 7

Via RHSA-2016:1486 https://rhn.redhat.com/errata/RHSA-2016-1486.html
This issue has been addressed in the following products:

Red Hat Gluster Storage 3.1 for RHEL 7
Red Hat Gluster Storage 3.1 for RHEL 6

Via RHSA-2016:1494 https://rhn.redhat.com/errata/RHSA-2016-1494.html