An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. References: https://www.samba.org/samba/security/CVE-2023-0225.html https://www.samba.org/samba/history/security.html
Created samba tracking bugs for this issue: Affects: fedora-all [bug 2182773]
The samba package as shipped with Red Hat Enterprise Linux 6, 7, 8 and 9 and Red Hat Gluster is not affected by this issue as Red Hat doesn't provide the AD domain controller capability with it.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-0225