Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service. One RPC function provided by "rpcecho" can block, essentially indefinitely, and because the "rpcecho" service is provided from the main RPC task, which has only one worker, this denies essentially all service on the AD DC. https://bugzilla.samba.org/show_bug.cgi?id=15474
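As an added example (not part of this bug report or of Samba's code): a small audit that reads an smb.conf and reports whether the rpcecho endpoint described above is switched off with `dcerpc endpoint servers = -rpcecho`, the workaround given in the upstream Samba advisory for this CVE. The function names, the sample configuration and the handling of `+`/`-` list entries are assumptions made for illustration.

```python
import re

PARAM = "dcerpcendpointservers"  # smb.conf names compare ignoring case and spaces

# Constructed sample: an AD DC smb.conf with the workaround applied.
SAMPLE_CONF = """\
[global]
    server role = active directory domain controller
    DCERPC endpoint servers = -rpcecho
[sysvol]
    path = /var/lib/samba/sysvol
"""

def global_param(conf_text, wanted=PARAM):
    """Return the last value of `wanted` in [global], or None if it is unset."""
    section, value, pending = None, None, ""
    for raw in conf_text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):  # trailing backslash continues onto the next line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        name, sep, val = line.partition("=")
        if sep and section == "global" and re.sub(r"\s+", "", name).lower() == wanted:
            value = val.strip()
    return value

def rpcecho_state(conf_text):
    """Return 'disabled', 'enabled' or 'default' (parameter leaves the build default)."""
    value = global_param(conf_text)
    if value is None:
        return "default"
    items = [i.lower() for i in re.split(r"[,\s]+", value) if i]
    if "-rpcecho" in items:
        return "disabled"
    if "rpcecho" in items or "+rpcecho" in items:
        return "enabled"
    # Assumption: a list made only of +/- entries edits the default list,
    # while a plain list replaces it (so rpcecho is absent).
    return "default" if all(i[0] in "+-" for i in items) else "disabled"

if __name__ == "__main__":
    print(rpcecho_state(SAMPLE_CONF))
```

A result of `default` means the configuration does not decide the matter, so whether rpcecho is served depends on the installed Samba build and the host should be checked against the errata listed in this bug.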
This CVE is now Public: https://www.samba.org/samba/security/CVE-2023-42669.html
Created samba tracking bugs for this issue: Affects: fedora-all [bug 2243229]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:6209 https://access.redhat.com/errata/RHSA-2023:6209
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6744 https://access.redhat.com/errata/RHSA-2023:6744
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7371 https://access.redhat.com/errata/RHSA-2023:7371
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7408 https://access.redhat.com/errata/RHSA-2023:7408
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7464 https://access.redhat.com/errata/RHSA-2023:7464
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7467 https://access.redhat.com/errata/RHSA-2023:7467