低危 Samba 缓冲区错误漏洞
CVE编号
CVE-2021-20254利用情况
暂无补丁情况
官方补丁披露时间
2021-05-05漏洞描述
Samba是Samba团队的一套可使UNIX系列的操作系统与微软Windows操作系统的SMB/CIFS网络协议做连结的自由软件。该软件支持共享打印机、互相传输资料文件等。 Samba 存在缓冲区错误漏洞,该漏洞源于在将Windows组标识(sid)映射到unix组标识(gid)时存在边界条件,这导致在Samba服务器进程令牌中创建负面的idmap缓存项。解决建议
以下产品及版本受到影响:Samba: 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.6.7, 3.6.8, 3.6.9, 3.6.10, 3.6.11, 3.6.12, 3.6.13, 3.6.14, 3.6.15, 3.6.16, 3.6.17, 3.6.18, 3.6.19, 3.6.20, 3.6.21, 3.6.22, 3.6.23, 3.6.24, 3.6.25, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.0.10, 4.0.11, 4.0.12, 4.0.13, 4.0.14, 4.0.15, 4.0.16, 4.0.17, 4.0.18, 4.0.19, 4.0.20, 4.0.21, 4.0.22, 4.0.23, 4.0.24, 4.0.25, 4.0.26, 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.10, 4.1.11, 4.1.12, 4.1.13, 4.1.14, 4.1.15, 4.1.16, 4.1.17, 4.1.18, 4.1.19, 4.1.20, 4.1.21, 4.1.22, 4.1.23, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.10, 4.2.11, 4.2.12, 4.2.13, 4.2.14, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 4.3.8, 4.3.9, 4.3.10, 4.3.11, 4.3.12, 4.3.13, 4.4.0, 4.4.0 rc4, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8, 4.4.9, 4.4.10, 4.4.11, 4.4.12, 4.4.13, 4.4.14, 4.4.15, 4.4.16, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, 4.5.6, 4.5.7, 4.5.8, 4.5.9, 4.5.10, 4.5.11, 4.5.12, 4.5.13, 4.5.14, 4.5.15, 4.5.16, 4.6.0, 4.6.1, 4.6.2, 4.6.3, 4.6.4, 4.6.5, 4.6.6, 4.6.7, 4.6.8, 4.6.9, 4.6.10, 4.6.11, 4.6.12, 4.6.13, 4.6.14, 4.6.15, 4.6.16, 4.7.0, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 4.7.6, 4.7.7, 4.7.8, 4.7.9, 4.7.10, 4.7.11, 4.7.12, 4.8.0, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, 4.8.6, 4.8.7, 4.8.8, 4.8.9, 4.8.10, 4.8.11, 4.8.12, 4.9.0, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 4.9.6, 4.9.7, 4.9.8, 4.9.9, 4.9.10, 4.9.11, 4.9.12, 4.9.13, 4.9.14, 4.9.15, 4.9.16, 4.9.17, 4.9.18, 4.10.0, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 4.10.5, 4.10.6, 4.10.7, 4.10.8, 4.10.9, 4.10.10, 4.10.11, 4.10.12, 4.10.13, 4.10.14, 4.10.15, 4.10.16, 4.10.17, 4.10.18, 4.11.0, 4.11.1, 4.11.2, 4.11.3, 4.11.4, 4.11.5, 4.11.6, 4.11.7, 4.11.8, 4.11.9, 4.11.10, 4.11.11, 4.11.12, 4.11.13, 4.11.14, 4.11.15, 4.11.16, 4.11.17, 4.12.0, 4.12.1, 4.12.2, 4.12.3, 4.12.4, 4.12.5, 4.12.6, 4.12.7, 4.12.8, 4.12.9, 4.12.10, 4.12.11, 4.12.12, 4.12.13, 4.12.14, 4.13.0, 4.13.1, 4.13.2, 4.13.3, 4.13.4, 4.13.5, 4.13.6, 4.13.7, 4.14.0, 4.14.1, 4.14.2, 4.14.3 。目前厂商已发布升级补丁以修复漏洞,补丁获取链接:https://bugzilla.redhat.com/show_bug.cgi?id=1949442受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 应用 | samba | samba | * | From (including) 3.6.0 | Up to (excluding) 4.12.15 | ||||
| 运行在以下环境 | |||||||||
| 应用 | samba | samba | * | From (including) 4.13.0 | Up to (excluding) 4.13.8 | ||||
| 运行在以下环境 | |||||||||
| 应用 | samba | samba | * | From (including) 4.14.0 | Up to (excluding) 4.14.4 | ||||
| 运行在以下环境 | |||||||||
| 系统 | alibaba_cloud_linux_2.1903 | samba-test | * | Up to (excluding) 4.10.16-15.1.al7 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.12 | samba | * | Up to (excluding) 4.12.15-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.13 | samba | * | Up to (excluding) 4.13.8-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.14 | samba | * | Up to (excluding) 4.14.4-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.15 | samba | * | Up to (excluding) 4.14.4-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.16 | samba | * | Up to (excluding) 4.14.4-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.17 | samba | * | Up to (excluding) 4.14.4-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_3.18 | samba | * | Up to (excluding) 4.14.4-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alpine_edge | samba | * | Up to (excluding) 4.14.4-r0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_2 | samba | * | Up to (excluding) 4.10.16-15.amzn2.0.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_AMI | samba | * | Up to (excluding) 4.10.16-18.59.amzn1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | anolis_os_8 | samba-test-libs | * | Up to (excluding) 4.11.2-15 | |||||
| 运行在以下环境 | |||||||||
| 系统 | anolis_os_8.2 | samba-krb5-printing | * | Up to (excluding) 4.11.2-15 | |||||
| 运行在以下环境 | |||||||||
| 系统 | centos_7 | samba | * | Up to (excluding) 4.10.16-15.el7_9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | centos_8 | samba-vfs-glusterfs-debuginfo | * | Up to (excluding) 4.13.3-5.el8_4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_10 | samba | * | Up to (including) 4.9.5+dfsg-5+deb10u3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_11 | samba | * | Up to (excluding) 2:4.13.5+dfsg-2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_12 | samba | * | Up to (excluding) 2:4.13.5+dfsg-2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_9 | samba | * | Up to (excluding) 2:4.5.16+dfsg-1+deb9u4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_sid | samba | * | Up to (excluding) 2:4.13.5+dfsg-2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_32 | samba-client-debuginfo | * | Up to (excluding) 4.12.15-0.fc32 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_33 | samba-client-debuginfo | * | Up to (excluding) 4.13.8-0.fc33 | |||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_34 | samba-test | * | Up to (excluding) 4.14.4-0.fc34 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10 | ctdb | * | Up to (excluding) 4.10.16-18.el7_9.ns7.01 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10SP1 | ctdb | * | Up to (excluding) 4.11.12-8.p02.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10SP2 | ctdb | * | Up to (excluding) 4.11.12-8.p01.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_loongarch64_V10SP1 | ctdb | * | Up to (excluding) 4.11.12-8.p02.a.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10 | ctdb | * | Up to (excluding) 4.10.16-18.el7_9.ns7.01 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10SP1 | ctdb | * | Up to (excluding) 4.11.12-8.p02.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10SP2 | ctdb | * | Up to (excluding) 4.11.12-8.p01.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse_Leap_15.2 | libndr0 | * | Up to (excluding) 4.11.14 | |||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse_Leap_15.3 | samba-doc | * | Up to (excluding) 4.13.6 | |||||
| 运行在以下环境 | |||||||||
| 系统 | oracle_7 | oraclelinux-release | * | Up to (excluding) 4.10.16-15.el7_9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | oracle_8 | oraclelinux-release | * | Up to (excluding) 4.13.3-5.el8_4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_7 | ctdb | * | Up to (excluding) 4.10.16-15.el7_9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_8 | samba-vfs-glusterfs-debuginfo | * | Up to (excluding) 4.13.3-5.el8_4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | suse_12_SP5 | libsamba-hostconfig0-32bit | * | Up to (excluding) 4.10.18 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_16.04 | samba | * | Up to (excluding) 2:4.3.11+dfsg-0ubuntu0.16.04.34 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_16.04.7_lts | samba | * | Up to (excluding) 2:4.3.11+dfsg-0ubuntu0.16.04.34 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_18.04 | samba | * | Up to (excluding) 2:4.7.6+dfsg~ubuntu-0ubuntu2.23 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_18.04.5_lts | samba | * | Up to (excluding) 2:4.7.6+dfsg~ubuntu-0ubuntu2.23 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_20.04 | samba | * | Up to (excluding) 2:4.11.6+dfsg-0ubuntu1.8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_21.04 | samba | * | Up to (excluding) 2:4.13.3+dfsg-1ubuntu2.1 | |||||
- 攻击路径 本地
- 攻击复杂度 复杂
- 权限要求 普通权限
- 影响范围 有限影响
- EXP成熟度 未验证
- 补丁情况 官方补丁
- 数据保密性 数据泄露
- 数据完整性 无影响
- 服务器危害 无影响
- 全网数量 N/A
| CWE-ID | 漏洞类型 |
| CWE-125 | 跨界内存读 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论