diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-08 21:10:17 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-09 19:32:41 +0100 |
commit | 8fd9a9eba1475df197411ea6ca72788876782a34 (patch) | |
tree | c3ab90ace5d6f7e376ecd19adb52931558b01611 | |
parent | c8909e8d409756a0b74411ad32f89c92896b4c91 (diff) |
Add CVEs from samba release on 9th november 2021
-rw-r--r-- | data/CVE/list.2016 | 6 | ||||
-rw-r--r-- | data/CVE/list.2020 | 37 | ||||
-rw-r--r-- | data/CVE/list.2021 | 14 |
3 files changed, 41 insertions, 16 deletions
diff --git a/data/CVE/list.2016 b/data/CVE/list.2016 index b64b177db4..74c30c2232 100644 --- a/data/CVE/list.2016 +++ b/data/CVE/list.2016 @@ -26864,8 +26864,10 @@ CVE-2016-2125 (It was found that Samba before versions 4.5.3, 4.4.8, 4.3.13 alwa - samba 2:4.5.2+dfsg-2 NOTE: https://www.samba.org/samba/security/CVE-2016-2125.html NOTE: Patch (with some more) here: https://download.samba.org/pub/samba/patches/security/samba-4.3.12-security-20016-12-19.patch -CVE-2016-2124 - RESERVED +CVE-2016-2124 [SMB1 client connections can be downgraded to plaintext authentication] + - samba <unfixed> + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=12444 + NOTE: https://www.samba.org/samba/security/CVE-2016-2124.html CVE-2016-2123 (A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine n ...) {DSA-3740-1} - samba 2:4.5.2+dfsg-2 diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index c4e8663da1..eaf4cfd13d 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -12900,18 +12900,35 @@ CVE-2020-25723 (A reachable assertion issue was found in the USB EHCI emulation - qemu 1:5.2+dfsg-1 (bug #975276) [buster] - qemu <postponed> (Fix along in future DSA) NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6 (v5.2.0-rc0) -CVE-2020-25722 - RESERVED -CVE-2020-25721 - RESERVED +CVE-2020-25722 [AD DC UPN vs samAccountName not checked] + - samba <unfixed> + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14564 + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725 + NOTE: https://www.samba.org/samba/security/CVE-2020-25722.html +CVE-2020-25721 [[Kerberos acceptors need easy access to stable AD identifiers (eg objectSid)] + - samba <unfixed> + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725 + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14557 + NOTE: https://www.samba.org/samba/security/CVE-2020-25721.html CVE-2020-25720 RESERVED -CVE-2020-25719 - RESERVED -CVE-2020-25718 - RESERVED -CVE-2020-25717 - RESERVED +CVE-2020-25719 [AD DC Username based races when no PAC is given] + - samba <unfixed> + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14561 + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725 + NOTE: https://www.samba.org/samba/security/CVE-2020-25719.html +CVE-2020-25718 [An RODC can issue (forge) administrator tickets to other servers] + - samba <unfixed> + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14558 + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725 + NOTE: https://www.samba.org/samba/security/CVE-2020-25718.html +CVE-2020-25717 [A user on the domain can become root on domain members] + - samba <unfixed> + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14556 + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725 + NOTE: https://www.samba.org/samba/security/CVE-2020-25717.html + NOTE: A new parameter "min domain uid" (defaults to 1000) has been added, + NOTE: which enforces that no UNIX uid below this value will be accepted. CVE-2020-25716 (A flaw was found in Cloudforms. A role-based privileges escalation fla ...) NOT-FOR-US: Red Hat CloudForm CVE-2020-25715 (A flaw was found in pki-core 10.9.0. A specially crafted POST request ...) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 301dfc26c2..5b37082a34 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1767,8 +1767,12 @@ CVE-2021-42745 RESERVED CVE-2021-3895 RESERVED -CVE-2021-23192 - RESERVED +CVE-2021-23192 [dcerpc requests don't check all fragments against the first auth_state] + - samba <unfixed> + [buster] - samba <not-affected> (Vulnerable code introduced later) + [stretch] - samba <not-affected> (Vulnerable code introduced later) + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14875 + NOTE: https://www.samba.org/samba/security/CVE-2021-23192.html CVE-2021-XXXX [RUSTSEC-2020-0159: Potential segfault in localtime_r invocations] - rust-chrono <unfixed> (bug #996913) NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0159.html @@ -7794,8 +7798,10 @@ CVE-2021-40147 (EmTec ZOC before 8.02.2 allows \e[201~ pastes, a different vulne NOT-FOR-US: EmTec ZOC CVE-2021-40146 (A Remote Code Execution (RCE) vulnerability was discovered in the Any2 ...) NOT-FOR-US: Apache Any23 -CVE-2021-3738 - RESERVED +CVE-2021-3738 [crash in dsdb stack] + - samba <unfixed> + NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14468 + NOTE: https://www.samba.org/samba/security/CVE-2021-3738.html CVE-2021-3737 [client can enter an infinite loop on a 100 Continue response from the server] RESERVED {DLA-2808-1} |