{"id":"ALSA-2023:6667","summary":"Moderate: samba security, bug fix, and enhancement update","details":"Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nThe following packages have been upgraded to a later upstream version: samba (4.18.6). (BZ#2190415)\n\nSecurity Fix(es):\n\n* samba: out-of-bounds read in winbind AUTH_CRAP (CVE-2022-2127)\n* samba: infinite loop in mdssvc RPC service for spotlight (CVE-2023-34966)\n* samba: type confusion in mdssvc RPC service for spotlight (CVE-2023-34967)\n* samba: spotlight server-side share path disclosure (CVE-2023-34968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-01-30T02:27:45.814884Z","published":"2023-11-07T00:00:00Z","related":["CVE-2022-2127","CVE-2023-34966","CVE-2023-34967","CVE-2023-34968"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:6667"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-2127"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-34966"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-34967"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-34968"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2222791"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2222793"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2222794"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2222795"},{"type":"ADVISORY","url":"https://errata.almalinux.org/9/ALSA-2023-6667.html"}],"affected":[{"package":{"name":"ctdb","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/ctdb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"libnetapi","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libnetapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"libnetapi-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libnetapi-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"libsmbclient","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libsmbclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"libsmbclient-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libsmbclient-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"libwbclient","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libwbclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"libwbclient-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libwbclient-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"python3-samba","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/python3-samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"python3-samba-dc","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/python3-samba-dc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"python3-samba-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/python3-samba-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"python3-samba-test","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/python3-samba-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-client","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-client-libs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-client-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-common","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-common-libs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-common-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-common-tools","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-common-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-dc-libs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-dc-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-dcerpc","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-dcerpc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-krb5-printing","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-krb5-printing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-ldb-ldap-modules","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-ldb-ldap-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-libs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-pidl","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-pidl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-test","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-test-libs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-test-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-tools","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-usershares","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-usershares"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-vfs-iouring","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-vfs-iouring"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-winbind","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-winbind"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-winbind-clients","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-winbind-clients"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-winbind-krb5-locator","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-winbind-krb5-locator"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-winbind-modules","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-winbind-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}},{"package":{"name":"samba-winexe","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/samba-winexe"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-100.el9"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2023:6667.json"}}],"schema_version":"1.7.3"}