{"id":"ALSA-2023:7467","summary":"Moderate: samba security update","details":"Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.\n\nSecurity Fix(es):\n\n* samba: smbd allows client access to unix domain sockets on the file system as root (CVE-2023-3961)\n* samba: SMB clients can truncate files with read-only permissions (CVE-2023-4091)\n* samba: \"rpcecho\" development server allows denial of service via sleep() call on AD DC (CVE-2023-42669)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-01-30T00:30:37.619401Z","published":"2023-11-22T00:00:00Z","related":["CVE-2023-3961","CVE-2023-4091","CVE-2023-42669"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2023:7467"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-3961"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-4091"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-42669"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2241881"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2241882"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2241884"},{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2023-7467.html"}],"affected":[{"package":{"name":"ctdb","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/ctdb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"libnetapi","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libnetapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"libnetapi-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libnetapi-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"libsmbclient","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libsmbclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"libsmbclient-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libsmbclient-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"libwbclient","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libwbclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"libwbclient-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libwbclient-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"python3-samba","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python3-samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"python3-samba-dc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python3-samba-dc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"python3-samba-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python3-samba-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"python3-samba-test","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python3-samba-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-client","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-client-libs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-client-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-common","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-common-libs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-common-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-common-tools","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-common-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-dc-libs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-dc-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-dcerpc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-dcerpc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-krb5-printing","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-krb5-printing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-ldb-ldap-modules","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-ldb-ldap-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-libs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-pidl","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-pidl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-test","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-test-libs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-test-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-tools","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-usershares","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-usershares"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-vfs-iouring","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-vfs-iouring"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-winbind","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-winbind"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-winbind-clients","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-winbind-clients"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-winbind-krb5-locator","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-winbind-krb5-locator"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-winbind-modules","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-winbind-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}},{"package":{"name":"samba-winexe","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/samba-winexe"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.6-2.el8_9.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:7467.json"}}],"schema_version":"1.7.3"}