Advisories ยป MGASA-2021-0287

Updated samba and ldb packages fix security vulnerabilities

Publication date: 25 Jun 2021
Modification date: 25 Jun 2021
Type: security
Affected Mageia releases : 7 , 8
CVE: CVE-2020-27840 , CVE-2021-20254 , CVE-2021-20277

Description

A flaw was found in samba. Spaces used in a string around a domain name (DN),
while supposed to be ignored, can cause invalid DN strings with spaces to
instead write a zero-byte into out-of-bounds memory, resulting in a crash.
The highest threat from this vulnerability is to system availability
(CVE-2020-27840).

A flaw was found in samba. The Samba smbd file server must map Windows group
identities (SIDs) into unix group ids (gids). The code that performs this had
a flaw that could allow it to read data beyond the end of the array in the
case where a negative cache entry had been added to the mapping cache. This
could cause the calling code to return those values into the process token
that stores the group membership for a user. The highest threat from this
vulnerability is to data confidentiality and integrity (CVE-2021-20254).

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in
an LDAP attribute can lead to an out-of-bounds memory write, leading to a
crash of the LDAP server process handling the request. The highest threat
from this vulnerability is to system availability (CVE-2021-20277).

Also, the samba package for Mageia 7 fixes a scriplet issue when updating.

Additionally, the sssd package has been rebuilt for the updated ldb package.

References

SRPMS

8/core

7/core