CVE-2021-20254

Description

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.

Related CPE's

asambasamba********

asambasamba********

asambasamba********

ofedoraprojectfedora32*******

ofedoraprojectfedora33*******

oredhatenterprise_linux7.0*******

oredhatenterprise_linux8.0*******

odebiandebian_linux9.0*******

References

https://security.netapp.com/advisory/ntap-20210430-0001/

Third Party Advisory

https://www.samba.org/samba/security/CVE-2021-20254.html

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1949442

Issue TrackingThird Party Advisory

FEDORA-2021-1d0807008b

Mailing ListThird Party Advisory

FEDORA-2021-7026246ea9

Mailing ListThird Party Advisory

GLSA-202105-22

Third Party Advisory

[debian-lts-announce] 20210529 [SECURITY] [DLA 2668-1] samba security update

Mailing ListThird Party Advisory

CvssV3 impact

BaseSeverity

MEDIUM

ConfidentialityImpact

HIGH

AttackComplexity

HIGH

Scope

UNCHANGED

AttackVector

NETWORK

AvailabilityImpact

NONE

IntegrityImpact

HIGH

PrivilegesRequired

LOW

BaseScore

6.8

VectorString

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Version

3.1

UserInteraction

NONE

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

PARTIAL

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

4.900000095367432

VectorString

AV:N/AC:M/Au:S/C:P/I:P/A:N

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE

Created by Yello
About Severity.io