Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2021:4843 - Security Advisory
Issued:
2021-11-29
Updated:
2021-11-29

RHSA-2021:4843 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: samba security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for samba is now available for Red Hat Gluster Storage 3.5 for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

  • samba: SMB1 client connections can be downgraded to plaintext authentication (CVE-2016-2124)
  • samba: Subsequent DCE/RPC fragment injection vulnerability (CVE-2021-23192)
  • samba: A user in an AD Domain could become root on domain members (CVE-2020-25717)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All users of Samba with Red Hat Gluster Storage are advised to upgrade to these updated packages.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

For details on migrating Samba/CTDB configuration files, refer to:

https://access.redhat.com/solutions/4311261

Affected Products

  • Red Hat Gluster Storage Server for On-premise 3 for RHEL 8 x86_64

Fixes

  • BZ - 2019660 - CVE-2016-2124 samba: SMB1 client connections can be downgraded to plaintext authentication
  • BZ - 2019666 - CVE-2021-23192 samba: Subsequent DCE/RPC fragment injection vulnerability
  • BZ - 2019672 - CVE-2020-25717 samba: A user in an AD Domain could become root on domain members

CVEs

  • CVE-2016-2124
  • CVE-2020-25717
  • CVE-2021-23192

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Gluster Storage Server for On-premise 3 for RHEL 8

SRPM
samba-4.14.5-204.el8rhgs.src.rpm SHA-256: 497fc9c81986521e9b7484343f852f3185946826f373a55982f2ec9c6eaf4685
x86_64
ctdb-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 3c22fc49bdcd2075dd65609ba12335c7215762262779e497fdc35717450c765c
ctdb-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: d9d0e308868e5aef1fabcde6e9b97de561422f3bdead64fff8137c820702c9ac
libsmbclient-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 61bd4688bc577a6870a9441a4f12abb18189d054841e7c0e778c38903115462f
libsmbclient-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 9121f7fbf2976d52126879dfcf8d07c2c71863c03a33ac6200d44b251b0a92eb
libsmbclient-devel-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: f6201497b2ecc3ad730426ae85f94aaf8d7070cd0727209da8e764df705dbd73
libwbclient-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 99c2dac166b881c5e961cb9eec6e88ac81d2317dfbe15375c17f25585d0f7cc8
libwbclient-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: cad4c9a1df9cf76531e60d14d6d30e28b7f285b09a77fdb5e58be669c5b618d4
libwbclient-devel-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 543ceb9cfe24e19c2297598cf3d274e3f161a335f86dfe5255edb8afb27205fe
python3-samba-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 7e945211e425185d50bd79b9dc711d631de5015326b1df45bc3591c631de1027
python3-samba-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 6ee82c9c0e0a25cc49e39248878ec0ae44c971e30e40811a46ab4627d8a0b28b
samba-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: c329e7f515662a6d677df32d2da10aba472359868078c1e899d1b8a4733c20bc
samba-client-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 2a89b6765dd6d9afac01f2d64d0f9d0f4d609f2efcb9e7d930b7d200fc495042
samba-client-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 579c1a975d4c1ab012ffd0cba2158d28d9f62dd06bd8296bef5aafd3659b7cd9
samba-client-libs-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 4322d161201ea310b42041c9eb2ebc3ce418d78da551be253acaf9e66c0aa3af
samba-client-libs-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: a3f39400d5272da547e977b494c7deb1302332686627516330fd77a1b3cdf804
samba-common-4.14.5-204.el8rhgs.noarch.rpm SHA-256: 3a7eb016dd4649cae3720d16c65c36298e9295bfd9189d2114c0d818753a4bd9
samba-common-libs-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 90f800e946deac3fe450fa755397635ad0f6fbc5d9b88387d201b88e3a5b227a
samba-common-libs-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: c15210747cbd043d7e5343b41d100b33830664070b1dbe47fb51f546d00d562d
samba-common-tools-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: a21b828c89210d7e6999579dd76748d234a7b085ad029b9aa57da917e1248848
samba-common-tools-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 32ddb4b4c3de7a8b6af4136cb445dd5fbf51cb6feb94830276560a738ab15b31
samba-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 658437eacf2ed2e164286f68095781f60b70a256fe46810ef41a4d6235677ff3
samba-debugsource-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 3665c8f2193f6e9d08a8366ebe673f0c948fae77065b1a18a0bdd79349d53a38
samba-devel-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 456bff8475e1ffe48ce2076b8fd51f3db691519cb53e1e043964030c3eff3832
samba-krb5-printing-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: c28693a50c27fc564f64d1a697b32ec3632b09376e8a22db6245d09f4f2871e8
samba-krb5-printing-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: f9fa1c2a7e1111cad80c5c9308e7b30d4c7cd280d1f13bc76a1c7867a818e71c
samba-libs-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: bdbd2b93cc6953795f9a9bdba6fee16a6eea054d9a8b721ab2695a7ecc6711a2
samba-libs-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 81881532ea88db0c35bb7ed942d4943f173d05787f4cd477edf63e5a575a0cca
samba-pidl-4.14.5-204.el8rhgs.noarch.rpm SHA-256: 132abcc2c1c531c6b570d8084bc9dc3e25f30bb25ede1065118941f893f9a511
samba-test-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 06301e3f7bf82903ce7a85b2a2efeb61432641fe60b699af63203aab920f794c
samba-test-libs-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 9afb572798ef771b65816f78e0e86af55a737ee636b2bd1336171c7f4529b95c
samba-vfs-glusterfs-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: b0df640ca91a72a7f765ee919506a6f1d000ed0d9035a64eabb7ed20ec789644
samba-vfs-glusterfs-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 9ba9888a62517aac6c1330a0738699fe2956689e5a443611d8255df253346d5d
samba-vfs-iouring-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 49b6aac5b1e196a4ef9c97fed96d4f999cdde8d86c6025ae61162f7e1cefcbbf
samba-winbind-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 131b8cae941692a3208c734823aedc00551065070ab5d07eb59cd80c12419a28
samba-winbind-clients-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 174ffb4ec427302690e00506ad93c96980e345d8c47c236a1a356c738d95ded4
samba-winbind-clients-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: d2e22f8a869b4b424e34113042872decf8ed4d3a558b4b7db102dea6b39457a3
samba-winbind-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: e09d062322d1e8dbfd0a33339fd2a37e45711eae1081a8a7b6a0111c38f498a0
samba-winbind-krb5-locator-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 5eb81caa6fff07ce7211869654dc31eeb01a1ccd48f1fc0b606b3e698b21402c
samba-winbind-krb5-locator-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: c23d67a6375809b0fbc29c04c145c92d60226b4f1f261512e060dd3e4ee6fbee
samba-winbind-modules-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 2c1e5081e5e89b2c1472fd9b7034b6da1a0ddb38aaf9e3fb25bc6a784e088453
samba-winbind-modules-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: d2ed34ae636772efca3cd6c4ee0ca9396f60adddb74ea99c6a9cd708738f3efb
samba-winexe-debuginfo-4.14.5-204.el8rhgs.x86_64.rpm SHA-256: 79f21ac6489632534937e6adf95848d3beb36d8525656c5258f012e495f64092

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter