2245174 – (CVE-2023-5568) CVE-2023-5568 samba: heap buffer overflow with freshness tokens in the Heimdal KDC

Bug 2245174 (CVE-2023-5568) - CVE-2023-5568 samba: heap buffer overflow with freshness tokens in the Heimdal KDC

Summary: CVE-2023-5568 samba: heap buffer overflow with freshness tokens in the Heimda...

Keywords:
Status:	NEW
Alias:	CVE-2023-5568
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2245175 2245954
Blocks:	2245172
TreeView+	depends on / blocked

Reported:	2023-10-19 21:39 UTC by Robb Gatica
Modified:	2023-10-24 19:10 UTC (History)
CC List:	3 users (show)
Fixed In Version:	samba 4.19.2
Doc Type:	If docs needed, set a value
Doc Text:	A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Robb Gatica 2023-10-19 21:39:35 UTC

The KDC doesn’t allocate enough memory for the ‘heim_octet_string’ containing the freshness token. Potential denial of service and likely low impact. Patched in Samba 4.19.2.

Reference: 
- https://www.samba.org/samba/history/samba-4.19.2.html
- https://bugzilla.samba.org/show_bug.cgi?id=15491

Comment 1 Robb Gatica 2023-10-19 21:39:51 UTC

Created samba tracking bugs for this issue:

Affects: fedora-all [bug 2245175]

Comment 2 Robb Gatica 2023-10-19 22:37:14 UTC

Trackers need to be created, I'm continually getting errors filing trackers for RHEL and RHES.

Comment 3 Alexander Bokovoy 2023-10-20 07:47:02 UTC

This bug can be closed because none of Samba code in RHEL and Fedora is compiled against Heimdal.

Note You need to log in before you can comment on or make changes to this bug.