Bugzilla – Bug 1125410
VUL-0: CVE-2019-3824: samba: ldb: Out of bound read in ldb_wildcard_compare
Last modified: 2019-04-30 06:39:40 UTC
is public https://bugzilla.samba.org/show_bug.cgi?id=CVE-2019-3824 =========================================================== == Subject: ldb: Out of bound read in ldb_wildcard_compare == == CVE ID#: CVE-2019-3824 == == Versions: Samba 4.9 and earlier == == Summary: A user with read permission on the LDAP server can crash the shared LDAP server process of the Samba AD DC =========================================================== =========== Description =========== By using a search expression like (cn=test*multi*test*multi) an authenticated user can crash the shared LDAP process of the AD DC Note that in Samba 4.7 and later, the default is not to have a shared LDAP process, unless -M prefork or -M single is specified on the command line to 'samba'. ================== Patch Availability ================== Patches addressing both these issues have been posted to: http://www.samba.org/samba/security/ Because Samba 4.7 and later use the 'standard' process model (forking) by default, earlier versions are unsupported and no data is returned, no Samba security releases will be made. Samba administrators are advised to upgrade to supported releases or apply the patch as soon as possible. ================== CVSSv3 calculation ================== CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H ========== Workaround ========== If the Samba 4.7 or later AD DC is being run with the -M single or -M prefork command line argument to the 'samba' binary, return to the default (standard) mode. ======= Credits ======= Analysis by Garming Sam of Catalyst and the Samba Team Patches provided by Lukas Slebodnik of Red Hat, advisory by Andrew Bartlett of Catalyst and the Samba Team. ========================================================== == Our Code, Our Bugs, Our Responsibility. == The Samba Team ==========================================================
SUSE-SU-2019:0639-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1125410 CVE References: CVE-2019-3824 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): ldb-1.2.3-3.8.1 SUSE Linux Enterprise Module for Basesystem 15 (src): ldb-1.2.3-3.8.1
openSUSE-SU-2019:1163-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1125410 CVE References: CVE-2019-3824 Sources used: openSUSE Leap 15.0 (src): ldb-1.2.3-lp150.7.2 *** NOTE: This information is not intended to be used for external communication, because this may only be a partial fix. If you have questions please reach out to maintenance coordination.
we are done
openSUSE-SU-2019:1180-1: An update that solves one vulnerability and has 5 fixes is now available. Category: security (important) Bug References: 1114407,1124223,1125410,1126377,1131060,1131686 CVE References: CVE-2019-3880 Sources used: openSUSE Leap 15.0 (src): ldb-1.2.4-lp150.10.1, samba-4.7.11+git.153.b36ceaf2235-lp150.3.14.1 *** NOTE: This information is not intended to be used for external communication, because this may only be a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:1040-1: An update that solves one vulnerability and has 5 fixes is now available. Category: security (important) Bug References: 1114407,1124223,1125410,1126377,1131060,1131686 CVE References: CVE-2019-3880 Sources used: SUSE Linux Enterprise Module for Packagehub Subpackages 15 (src): avahi-0.6.32-5.5.3, samba-4.7.11+git.153.b36ceaf2235-4.27.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): avahi-0.6.32-5.5.3, avahi-glib2-0.6.32-5.5.8, gnutls-3.6.2-6.5.4, ldb-1.2.4-3.12.1, libnettle-3.4.1-4.9.1, samba-4.7.11+git.153.b36ceaf2235-4.27.1, tdb-1.3.15-3.6.3, tevent-0.9.36-4.10.3 SUSE Linux Enterprise Module for Development Tools 15 (src): cups-2.2.7-3.11.7 SUSE Linux Enterprise Module for Desktop Applications 15 (src): avahi-0.6.32-5.5.3, avahi-glib2-0.6.32-5.5.8, cups-2.2.7-3.11.7, gnutls-3.6.2-6.5.4, libnettle-3.4.1-4.9.1, libtasn1-4.13-4.2.1, p11-kit-0.23.2-4.2.1 SUSE Linux Enterprise Module for Basesystem 15 (src): avahi-0.6.32-5.5.3, avahi-glib2-0.6.32-5.5.8, cups-2.2.7-3.11.7, gamin-devel-0.1.10-3.2.3, gnutls-3.6.2-6.5.4, ldb-1.2.4-3.12.1, libnettle-3.4.1-4.9.1, libtasn1-4.13-4.2.1, p11-kit-0.23.2-4.2.1, samba-4.7.11+git.153.b36ceaf2235-4.27.1, talloc-2.1.11-3.5.3, talloc-man-2.1.11-3.5.3, tdb-1.3.15-3.6.3, tevent-0.9.36-4.10.3, tevent-man-0.9.36-4.10.3 SUSE Linux Enterprise High Availability 15 (src): samba-4.7.11+git.153.b36ceaf2235-4.27.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.