- Issued: 2017-11-27
- Updated: 2017-11-27
RHSA-2017:3261 - Security Advisory
Synopsis
Important: samba security update
Type/Severity
Security Advisory: Important
Topic
An update for samba is now available for Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 6 and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.
Security Fix(es):
- A use-after-free flaw was found in the way Samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially crafted SMB1 requests to cause the server to crash or execute arbitrary code. (CVE-2017-14746)
- A memory disclosure flaw was found in Samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially crafted requests to the Samba server. (CVE-2017-15275)
Red Hat would like to thank the Samba project for reporting these issues. Upstream acknowledges Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam) as the original reporters of CVE-2017-14746, and Volker Lendecke (SerNet and the Samba Team) as the original reporter of CVE-2017-15275.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, the smb service will be restarted automatically.
Affected Products
- Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64
- Red Hat Gluster Storage Server for On-premise 3 for RHEL 6 x86_64
Fixes
- BZ - 1511899 - CVE-2017-14746 samba: Use-after-free in processing SMB1 requests
- BZ - 1512465 - CVE-2017-15275 samba: Server heap-memory disclosure
CVEs
References
Red Hat Gluster Storage Server for On-premise 3 for RHEL 7
| SRPM |
|---|
| samba-4.6.3-9.el7rhgs.src.rpm |
| x86_64 |
| ctdb-4.6.3-9.el7rhgs.x86_64.rpm |
| ctdb-tests-4.6.3-9.el7rhgs.x86_64.rpm |
| libsmbclient-4.6.3-9.el7rhgs.x86_64.rpm |
| libsmbclient-devel-4.6.3-9.el7rhgs.x86_64.rpm |
| libwbclient-4.6.3-9.el7rhgs.x86_64.rpm |
| libwbclient-devel-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-client-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-client-libs-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-common-4.6.3-9.el7rhgs.noarch.rpm |
| samba-common-libs-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-common-tools-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-dc-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-dc-libs-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-debuginfo-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-devel-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-krb5-printing-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-libs-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-pidl-4.6.3-9.el7rhgs.noarch.rpm |
| samba-python-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-test-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-test-libs-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-vfs-glusterfs-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-winbind-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-winbind-clients-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-winbind-krb5-locator-4.6.3-9.el7rhgs.x86_64.rpm |
| samba-winbind-modules-4.6.3-9.el7rhgs.x86_64.rpm |
Red Hat Gluster Storage Server for On-premise 3 for RHEL 6
| SRPM |
|---|
| samba-4.6.3-9.el6rhs.src.rpm |
| x86_64 |
| ctdb-4.6.3-9.el6rhs.x86_64.rpm |
| ctdb-tests-4.6.3-9.el6rhs.x86_64.rpm |
| libsmbclient-4.6.3-9.el6rhs.x86_64.rpm |
| libsmbclient-devel-4.6.3-9.el6rhs.x86_64.rpm |
| libwbclient-4.6.3-9.el6rhs.x86_64.rpm |
| libwbclient-devel-4.6.3-9.el6rhs.x86_64.rpm |
| samba-4.6.3-9.el6rhs.x86_64.rpm |
| samba-client-4.6.3-9.el6rhs.x86_64.rpm |
| samba-client-libs-4.6.3-9.el6rhs.x86_64.rpm |
| samba-common-4.6.3-9.el6rhs.noarch.rpm |
| samba-common-libs-4.6.3-9.el6rhs.x86_64.rpm |
| samba-common-tools-4.6.3-9.el6rhs.x86_64.rpm |
| samba-dc-4.6.3-9.el6rhs.x86_64.rpm |
| samba-dc-libs-4.6.3-9.el6rhs.x86_64.rpm |
| samba-debuginfo-4.6.3-9.el6rhs.x86_64.rpm |
| samba-devel-4.6.3-9.el6rhs.x86_64.rpm |
| samba-krb5-printing-4.6.3-9.el6rhs.x86_64.rpm |
| samba-libs-4.6.3-9.el6rhs.x86_64.rpm |
| samba-pidl-4.6.3-9.el6rhs.noarch.rpm |
| samba-python-4.6.3-9.el6rhs.x86_64.rpm |
| samba-test-4.6.3-9.el6rhs.x86_64.rpm |
| samba-test-libs-4.6.3-9.el6rhs.x86_64.rpm |
| samba-vfs-glusterfs-4.6.3-9.el6rhs.x86_64.rpm |
| samba-winbind-4.6.3-9.el6rhs.x86_64.rpm |
| samba-winbind-clients-4.6.3-9.el6rhs.x86_64.rpm |
| samba-winbind-krb5-locator-4.6.3-9.el6rhs.x86_64.rpm |
| samba-winbind-modules-4.6.3-9.el6rhs.x86_64.rpm |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
