Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2017:3261 - Security Advisory
Issued:
2017-11-27
Updated:
2017-11-27

RHSA-2017:3261 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: samba security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for samba is now available for Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 6 and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

  • A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code. (CVE-2017-14746)
  • A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server. (CVE-2017-15275)

Red Hat would like to thank the Samba project for reporting these issues. Upstream acknowledges Yihan Lian and Zhibin Hu (Qihoo 360 GearTeam) as the original reporter of CVE-2017-14746; and Volker Lendecke (SerNet and the Samba Team) as the original reporter of CVE-2017-15275.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

Affected Products

  • Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64
  • Red Hat Gluster Storage Server for On-premise 3 for RHEL 6 x86_64

Fixes

  • BZ - 1511899 - CVE-2017-14746 samba: Use-after-free in processing SMB1 requests
  • BZ - 1512465 - CVE-2017-15275 samba: Server heap-memory disclosure

CVEs

  • CVE-2017-14746
  • CVE-2017-15275

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Gluster Storage Server for On-premise 3 for RHEL 7

SRPM
samba-4.6.3-9.el7rhgs.src.rpm SHA-256: 6e036881972f6c4b11a67b63c60ff0139cf0bfaa4e60f4f28fbb0dfa25ff2f06
x86_64
ctdb-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 960c2935fd77a95f9a18d0ec629825c929f7f455c1bf9f96c1dd85a01c950bff
ctdb-tests-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: b0463dc9658642040e7d7627bb8db17c87e6c021343ad1c562d79a469f4a4bcd
libsmbclient-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 4143bc08792a96374c2f7a40396dab15abfd73a36e90ebd5a73bd12c8bda34fd
libsmbclient-devel-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 8dd13120a1b11a627acbe4041c7eb83cb95565abb8a8f4e26e30ddf34b9e4aec
libwbclient-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 15e8a43c19b4246ac2e994f65b30196a8d1963a77e65537d1bedf89de980e807
libwbclient-devel-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 6dacbaa6257906a93b73e8610866aa7be49b859261991cc489d598fb9f114b40
samba-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: ad32c3f90fd2fbef8f0254728b5c39183a8a66d4be7af2f73f025d2121798862
samba-client-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: fb330fb05b33f6b926883e5476918ad04f34f7c41706f93e2b662cd1ea2802c0
samba-client-libs-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 1681416bbc13516d4a3096a3f3bb31910a0fa11ee666b57efe5603274ba69d8c
samba-common-4.6.3-9.el7rhgs.noarch.rpm SHA-256: 409b4144ddd03f29baf6ed55ee981143885c4df9588fd72477b0bf838901a12b
samba-common-libs-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 7404e504c7e8e9c878aa2ad2e75079aaf6b56125f596dd3dd23b009a5dbb26b3
samba-common-tools-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 20b407788a2c917f7ef01e531dc00537c2e125cfdd3007ff9b9b0ec98d083565
samba-dc-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 933a99a100fa629a08bea33cd7a2d74a4795ceef02a1dd09f974ffa617b4874c
samba-dc-libs-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: dcc8a9ca83c14dfea0911cfdea57dad0c73f07f873fb3a755d7539d75471f5e9
samba-debuginfo-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 1af3d7fe16cf52f0e9470654e5882e1355a753f0734652263e695a37f1aca562
samba-devel-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 89983e680d2a7bc55fca979d03e67a3bb1756d63294f0850d901ef0bdae3fc01
samba-krb5-printing-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: fdad5c64a41b4f2e3e667a40576fbb27d5a978398eab4bc39b29f29376ef7c27
samba-libs-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 53275b35ac98b7215ddee41d5a6f1a77e30ca502e41c63be234c86d3a1234f50
samba-pidl-4.6.3-9.el7rhgs.noarch.rpm SHA-256: a1b77e3654f82a837dab4904f58c1709c23a695ed9b217736cffbb5252ad7a4e
samba-python-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 01e8b9a8938df29bd877b588923c954d97920438ef1339714c61f5b026b7d5b2
samba-test-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 449709cac90ded893daf19b2fac6f5eba307ab2dc4be8f86cddfa776d8aa79d1
samba-test-libs-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 48f1d24bb85c80d9f1b679041ab05f6a5d6feafc514bc4d1e56fae3df29952a6
samba-vfs-glusterfs-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 0306872ac6f6d76d91e02cd71744fb80a67b1a1d9f1068d9ad407f4fea185e2d
samba-winbind-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 25d90abcf89e327e7400a602cd96f13f43b895ea227daa85973fe230c27ecc84
samba-winbind-clients-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 941302e2dc237f130246cf7c664b97b2be7cb5d149cfc21076e37912ad9c18aa
samba-winbind-krb5-locator-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: e529a59a060942ae1bea283d29e2a050bac370b4da0bf66fab1f3c5ba67aac72
samba-winbind-modules-4.6.3-9.el7rhgs.x86_64.rpm SHA-256: 58dd4a82a14f780d02d8bd800d5b9a46fabbda4a8040ae6e97d0de8b65490fc2

Red Hat Gluster Storage Server for On-premise 3 for RHEL 6

SRPM
samba-4.6.3-9.el6rhs.src.rpm SHA-256: 7ced5aefae9d3ddb9aa9ad11e22d36bacfe5d82f09731a2e26e6fc3ffdadba9a
x86_64
ctdb-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 452b9831603da77427bf7c99005378b0126ab9c66a7704ecfa9d25f3722345cc
ctdb-tests-4.6.3-9.el6rhs.x86_64.rpm SHA-256: c04b255af36d32556add9ba9058fd3e6a5303c4749565211345c0982e271f854
libsmbclient-4.6.3-9.el6rhs.x86_64.rpm SHA-256: d13a033cbaaa275ae9965fc4c4b724089b398bac95556448940b48e0b20dac44
libsmbclient-devel-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 420e4882eed0071723eb7f65c87e50123603a4bdd0e65bed3d20d4808c736b91
libwbclient-4.6.3-9.el6rhs.x86_64.rpm SHA-256: cf2f88ab5c1dfb1ca7a83b966bd5b737b11810e7233bf6c3ae9c93f10b4e7891
libwbclient-devel-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 1341f20c15a09f90a86cd0308b7545482a691dd9a5edd2ada51d7b1142341675
samba-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 76e6f3b5440b091103f2bf6d5335ed95fef2a6441b3e14ce0fd5c4ff225416b4
samba-client-4.6.3-9.el6rhs.x86_64.rpm SHA-256: b87788a1a18107de809f9ae9dd50b377c180224cf29417c0dcd12e5617a710e7
samba-client-libs-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 1314e9cce8f755219e4b154d1513e80dc43c342a7d0c0ae5c17abcd32d98187b
samba-common-4.6.3-9.el6rhs.noarch.rpm SHA-256: 1e09bc913242fc0e4d3835050edecb4e2cfaeb11d342796dbc92fe933ea3508d
samba-common-libs-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 1f85064eff24d05549d9ea3f6ef1fbabfc966c261fdb73cb70157783e195ee11
samba-common-tools-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 0ba1aad91a6e6d5750d0924c626f5754a15470ef52c7f126c973ebb891abfd6a
samba-dc-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 0d014ee7079ff0efe89ae1d241ec27303a3e2a98a13773e67b18bc68789e6b39
samba-dc-libs-4.6.3-9.el6rhs.x86_64.rpm SHA-256: cf8cc5580ab324f085d597aefb4576639369af8b32bc734780be5d7c14d626e6
samba-debuginfo-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 72a482cce595bfb99d5477e8ebf5e968cf96b658feea979b0113b47107cd3697
samba-devel-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 2e22b0fdb9d93d4448cecdea614639c1697898298979c0f60522713ed36d0c11
samba-krb5-printing-4.6.3-9.el6rhs.x86_64.rpm SHA-256: cd64e15bb575eea750f1ca56629d974f9252c4043e66535fc8cbb44b434b57ec
samba-libs-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 5525e6d660dbcd8f9e0d23a2f9f7f252f2f5528248d1767d5e1f63b3b5daf90f
samba-pidl-4.6.3-9.el6rhs.noarch.rpm SHA-256: 1b076e0fa7462dc4070c907f6bc4c2ea34d3ccf0fcca32a38ded90fd5d5b4b66
samba-python-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 8a3ea8345191dedc147a393a7a0aa26fe56c77933ee8b080598f6d772614b824
samba-test-4.6.3-9.el6rhs.x86_64.rpm SHA-256: bd5bf06a1c9b0f2762dd0f2ee6e4ab1b0f3a4f6ea3bc070dfa948eb7d9fccf72
samba-test-libs-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 63d9405b19261019ac21675fe8b3cb8d9517594f9d7dc482c8b0104a542b6fb7
samba-vfs-glusterfs-4.6.3-9.el6rhs.x86_64.rpm SHA-256: c5f380b5aba4451728da7f8c5b24cc7604323f3fb49461a9dafd3b876102a454
samba-winbind-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 062484492c41563c9339d8f67ad93080b4a93c4a2d9e369709946a1647317546
samba-winbind-clients-4.6.3-9.el6rhs.x86_64.rpm SHA-256: a46bc313335978defeb04da59866c03826d18359545854ca63855232fe57e158
samba-winbind-krb5-locator-4.6.3-9.el6rhs.x86_64.rpm SHA-256: bb658af3e9ecc0c6622b5de3aff593534a230916b6da065354cb7325be75cc96
samba-winbind-modules-4.6.3-9.el6rhs.x86_64.rpm SHA-256: 8a1022a87c5fd640193ba6482eea92f951e78dda4b91b51f2a76c9b78efb0ba6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility