Issued:: 2022-02-07
Updated:: 2022-02-07

RHSA-2022:0457 - Security Advisory

Overview
Updated Packages

Synopsis

Critical: samba security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for samba is now available for Red Hat Gluster Storage 3.5 for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All users of Samba with Red Hat Gluster Storage are advised to upgrade to these updated packages.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

For details on migrating Samba/CTDB configuration files, refer to:

https://access.redhat.com/solutions/4311261

Affected Products

Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64

Fixes

BZ - 2046146 - CVE-2021-44142 samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution

CVEs

CVE-2021-44142

References

https://access.redhat.com/security/updates/classification/#critical

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Gluster Storage Server for On-premise 3 for RHEL 7

SRPM
samba-4.11.6-116.el7rhgs.src.rpm	SHA-256: 855a37e45758fd878302c27c02c944de44a2ca6990fac9ad09d2eaab2657af77
x86_64
ctdb-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 8f8b0fb9d469d78ee96e32538ef49177c554573b8ee280a7f18e68e74523af77
libsmbclient-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 7c9b360a2c8d8fe9cdd3b00a5b26cf9822eb5c1ddf0995fd71d7b7b9da1b137e
libsmbclient-devel-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 5fabcd51c6cc4074eacbf9a4de87c8fef055834e04d69867e165254733153534
libwbclient-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 99c82feff18f88abd4bb1150a03ba30fee6e4f7b4dc19c1ae7cb20206281bbef
libwbclient-devel-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 538e1d9d638164ae86badf29d1ef08ead71f2ee7bcbef4e80db319f4ee59328e
python3-samba-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 2e0c83e22f488d3c8ac0c81cd8349d13fd10ef769af65dbf70c106a50298fded
samba-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 22afeeb3d1d3afa5ed7c259db00f47b67405cd82d1583554a4d326a9fa1efe2e
samba-client-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 56d76adbd4513f6377ca7ea7569ce7694f005420947ccdc298fada238f55fa52
samba-client-libs-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: e55ec7fbdcd8eaa54698f2904271b7af4c66c05634e78b465e6b4aeb1d802bf9
samba-common-4.11.6-116.el7rhgs.noarch.rpm	SHA-256: a6ca48e6beba3935ce504ca7650cfa18024120c90e794c60c28a5e94b50fa749
samba-common-libs-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: e7105eca3aecb6a0df35a759ee6943d25901a517ac666ccc42bfc7485f6ffe1f
samba-common-tools-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 530143e4db55817473d0044ae6d04a47d226f623d09afa11dfa4dbaedd8421c1
samba-debuginfo-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 45fa7a5714958072b9bf19522424c22612f7da76f89816695722161c46e8cbfe
samba-devel-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 92de81e7c7a7b11a7c5bdd0dde815f45e6b048bda2e5d365462a62d17c5366d9
samba-krb5-printing-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 3cb3e62cb78bbe426fc11f39e8f110399ee5551111bd2241cad21ba266771bfc
samba-libs-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: ef45a9272c639eddef56ab7a3d2681a180ac8b3abe6f1f80ac512de5e250dfce
samba-pidl-4.11.6-116.el7rhgs.noarch.rpm	SHA-256: d3cc573e3584c613a575773bd9345754b4da12f6e847233fdb944932b808c8c6
samba-vfs-glusterfs-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: ef256503766f3e972f50b4b77f5c53b3efe0c0a38d2143f1c386e492032d06ab
samba-winbind-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 14de0ecfee8d5e2e1fe8f476896b53a5d5a16c6c92fa6c4da5fa64d0e60b45f5
samba-winbind-clients-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 79c6b48c0552dc046b53e5caa584a487b0077ef341dc9738c594dd94642d1d3a
samba-winbind-krb5-locator-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: 571c2f405a0f6e37b73950e40263b31aebc4b8f8394c79dcbbbb0abb57fc4147
samba-winbind-modules-4.11.6-116.el7rhgs.x86_64.rpm	SHA-256: e129f294a008c0f0182902fc3bd419a2ff74d0a50688d4826f971c6dbaee3577

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation