Details of VAR-202001-0521

ID

VAR-202001-0521

CVE

CVE-2019-19344

TITLE

samba Vulnerabilities in use of freed memory

Trust: 0.8

sources: JVNDB: JVNDB-2019-014341

DESCRIPTION

There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer. samba Contains a vulnerability involving the use of freed memory.Denial of service (DoS) May be in a state. ========================================================================== Ubuntu Security Notice USN-4244-1 January 21, 2020 samba vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.10 - Ubuntu 19.04 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Samba. Software Description: - samba: SMB/CIFS file, print, and login server for Unix Details: It was discovered that Samba did not automatically replicate ACLs set to inherit down a subtree on AD Directory, contrary to expectations. This issue was only addressed in Ubuntu 18.04 LTS, Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-14902) Robert Święcki discovered that Samba incorrectly handled certain character conversions when the log level is set to 3 or above. (CVE-2019-14907) Christian Naumer discovered that Samba incorrectly handled DNS zone scavenging. This issue could possibly result in some incorrect data being written to the DB. This issue only applied to Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-19344) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: samba 2:4.10.7+dfsg-0ubuntu2.4 Ubuntu 19.04: samba 2:4.10.0+dfsg-0ubuntu2.8 Ubuntu 18.04 LTS: samba 2:4.7.6+dfsg~ubuntu-0ubuntu2.15 Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.25 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4244-1 CVE-2019-14902, CVE-2019-14907, CVE-2019-19344 Package Information: https://launchpad.net/ubuntu/+source/samba/2:4.10.7+dfsg-0ubuntu2.4 https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2.8 https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.15 https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.25 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-52 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Samba: Multiple vulnerabilities Date: March 25, 2020 Bugs: #664316, #672140, #686036, #693558, #702928, #706144 ID: 202003-52 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Samba, the worst of which could lead to remote code execution. Background ========== Samba is a suite of SMB and CIFS client/server programs. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-fs/samba < 4.11.6 *>= 4.9.18 *>= 4.10.13 *>= 4.11.6 Description =========== Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly execute arbitrary code, cause a Denial of Service condition, conduct a man-in-the-middle attack, or obtain sensitive information. Workaround ========== There is no known workaround at this time. Resolution ========== All Samba 4.9.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.9.18" All Samba 4.10.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.10.13" All Samba 4.11.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.11.6" References ========== [ 1 ] CVE-2018-10858 https://nvd.nist.gov/vuln/detail/CVE-2018-10858 [ 2 ] CVE-2018-10918 https://nvd.nist.gov/vuln/detail/CVE-2018-10918 [ 3 ] CVE-2018-10919 https://nvd.nist.gov/vuln/detail/CVE-2018-10919 [ 4 ] CVE-2018-1139 https://nvd.nist.gov/vuln/detail/CVE-2018-1139 [ 5 ] CVE-2018-1140 https://nvd.nist.gov/vuln/detail/CVE-2018-1140 [ 6 ] CVE-2018-14629 https://nvd.nist.gov/vuln/detail/CVE-2018-14629 [ 7 ] CVE-2018-16841 https://nvd.nist.gov/vuln/detail/CVE-2018-16841 [ 8 ] CVE-2018-16851 https://nvd.nist.gov/vuln/detail/CVE-2018-16851 [ 9 ] CVE-2018-16852 https://nvd.nist.gov/vuln/detail/CVE-2018-16852 [ 10 ] CVE-2018-16853 https://nvd.nist.gov/vuln/detail/CVE-2018-16853 [ 11 ] CVE-2018-16857 https://nvd.nist.gov/vuln/detail/CVE-2018-16857 [ 12 ] CVE-2018-16860 https://nvd.nist.gov/vuln/detail/CVE-2018-16860 [ 13 ] CVE-2019-10197 https://nvd.nist.gov/vuln/detail/CVE-2019-10197 [ 14 ] CVE-2019-14861 https://nvd.nist.gov/vuln/detail/CVE-2019-14861 [ 15 ] CVE-2019-14870 https://nvd.nist.gov/vuln/detail/CVE-2019-14870 [ 16 ] CVE-2019-14902 https://nvd.nist.gov/vuln/detail/CVE-2019-14902 [ 17 ] CVE-2019-14907 https://nvd.nist.gov/vuln/detail/CVE-2019-14907 [ 18 ] CVE-2019-19344 https://nvd.nist.gov/vuln/detail/CVE-2019-19344 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202003-52 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 1.89

sources: NVD: CVE-2019-19344 // JVNDB: JVNDB-2019-014341 // VULHUB: VHN-151781 // PACKETSTORM: 156018 // PACKETSTORM: 156915

AFFECTED PRODUCTS

vendor:	synology	model:	skynas	scope:	eq	version:	-	Trust: 1.8
vendor:	synology	model:	directory server	scope:	eq	version:	-	Trust: 1.8
vendor:	samba	model:	samba	scope:	lt	version:	4.10.12	Trust: 1.0
vendor:	samba	model:	samba	scope:	gte	version:	4.10.0	Trust: 1.0
vendor:	samba	model:	samba	scope:	gte	version:	4.9.0	Trust: 1.0
vendor:	synology	model:	router manager	scope:	eq	version:	1.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	19.04	Trust: 1.0
vendor:	synology	model:	diskstation manager	scope:	eq	version:	6.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	19.10	Trust: 1.0
vendor:	samba	model:	samba	scope:	gte	version:	4.11.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	samba	model:	samba	scope:	lt	version:	4.11.5	Trust: 1.0
vendor:	opensuse	model:	leap	scope:	eq	version:	15.1	Trust: 1.0
vendor:	samba	model:	samba	scope:	lt	version:	4.9.18	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	samba	model:	samba	scope:	lt	version:	4.11.x	Trust: 0.8
vendor:	synology	model:	diskstation manager	scope:	eq	version:	-	Trust: 0.8
vendor:	opensuse	model:	leap	scope:	eq	version:	-	Trust: 0.8
vendor:	samba	model:	samba	scope:	eq	version:	project	Trust: 0.8
vendor:	samba	model:	samba	scope:	eq	version:	4.11.5	Trust: 0.8
vendor:	synology	model:	router manager	scope:	eq	version:	-	Trust: 0.8
vendor:	samba	model:	samba	scope:	eq	version:	4.10.12	Trust: 0.8
vendor:	samba	model:	samba	scope:	eq	version:	4.9.18	Trust: 0.8
vendor:	samba	model:	samba	scope:	lt	version:	4.10.x	Trust: 0.8
vendor:	canonical	model:	ubuntu	scope:	eq	version:	-	Trust: 0.8
vendor:	samba	model:	samba	scope:	lt	version:	4.9.x	Trust: 0.8

sources: JVNDB: JVNDB-2019-014341 // NVD: CVE-2019-19344

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-19344
value:	MEDIUM
Trust: 1.0
secalert@redhat.com:	CVE-2019-19344
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-19344
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202001-905
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-151781
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-19344
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-151781
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-19344
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2019-19344
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-151781 // JVNDB: JVNDB-2019-014341 // CNNVD: CNNVD-202001-905 // NVD: CVE-2019-19344 // NVD: CVE-2019-19344

PROBLEMTYPE DATA

problemtype:	CWE-416	Trust: 1.1
problemtype:	Using freed memory (CWE-416) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-151781 // JVNDB: JVNDB-2019-014341 // NVD: CVE-2019-19344

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 156018 // PACKETSTORM: 156915 // CNNVD: CNNVD-202001-905

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202001-905

PATCH

title:	Synology-SA-20	url:	https://usn.ubuntu.com/4244-1/	Trust: 0.8
title:	samba Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=109220	Trust: 0.6

sources: JVNDB: JVNDB-2019-014341 // CNNVD: CNNVD-202001-905

EXTERNAL IDS

db:	NVD	id:	CVE-2019-19344	Trust: 2.7
db:	JVNDB	id:	JVNDB-2019-014341	Trust: 0.8
db:	PACKETSTORM	id:	156018	Trust: 0.7
db:	PACKETSTORM	id:	156915	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.0249	Trust: 0.6
db:	CNNVD	id:	CNNVD-202001-905	Trust: 0.6
db:	VULHUB	id:	VHN-151781	Trust: 0.1

sources: VULHUB: VHN-151781 // JVNDB: JVNDB-2019-014341 // PACKETSTORM: 156018 // PACKETSTORM: 156915 // CNNVD: CNNVD-202001-905 // NVD: CVE-2019-19344

REFERENCES

url:	https://security.gentoo.org/glsa/202003-52	Trust: 1.8
url:	https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-19344	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20200122-0001/	Trust: 1.7
url:	https://www.synology.com/security/advisory/synology_sa_20_01	Trust: 1.7
url:	https://www.samba.org/samba/security/cve-2019-19344.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00055.html	Trust: 1.7
url:	https://usn.ubuntu.com/4244-1/	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19344	Trust: 1.6
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4aczvnmifqggxnjpmhavbn3h2u65fxqy/	Trust: 1.0
url:	https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/gq6u65i2k23yjc4fesw477wl55tu3ppt/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/gq6u65i2k23yjc4fesw477wl55tu3ppt/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4aczvnmifqggxnjpmhavbn3h2u65fxqy/	Trust: 0.7
url:	https://www.suse.com/support/update/announcement/2020/suse-su-20200224-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2020/suse-su-20200223-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/156018/ubuntu-security-notice-usn-4244-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/156915/gentoo-linux-security-advisory-202003-52.html	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-19344	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0249/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/samba-three-vulnerabilities-31386	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14902	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14907	Trust: 0.2
url:	https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2.8	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/samba/2:4.10.7+dfsg-0ubuntu2.4	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.15	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.25	Trust: 0.1
url:	https://usn.ubuntu.com/4244-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-16841	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-16857	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10918	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-16860	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10197	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14629	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-16851	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10858	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-16852	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10919	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14861	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-16853	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1140	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14870	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1139	Trust: 0.1

sources: VULHUB: VHN-151781 // JVNDB: JVNDB-2019-014341 // PACKETSTORM: 156018 // PACKETSTORM: 156915 // CNNVD: CNNVD-202001-905 // NVD: CVE-2019-19344

CREDITS

Ubuntu,Gentoo

Trust: 0.6

sources: CNNVD: CNNVD-202001-905

SOURCES

db:	VULHUB	id:	VHN-151781
db:	JVNDB	id:	JVNDB-2019-014341
db:	PACKETSTORM	id:	156018
db:	PACKETSTORM	id:	156915
db:	CNNVD	id:	CNNVD-202001-905
db:	NVD	id:	CVE-2019-19344

LAST UPDATE DATE

2024-11-23T20:35:22.805000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-151781	date:	2020-03-25T00:00:00
db:	JVNDB	id:	JVNDB-2019-014341	date:	2020-02-12T00:00:00
db:	CNNVD	id:	CNNVD-202001-905	date:	2020-03-27T00:00:00
db:	NVD	id:	CVE-2019-19344	date:	2024-11-21T04:34:37.107

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-151781	date:	2020-01-21T00:00:00
db:	JVNDB	id:	JVNDB-2019-014341	date:	2020-02-12T00:00:00
db:	PACKETSTORM	id:	156018	date:	2020-01-21T19:09:24
db:	PACKETSTORM	id:	156915	date:	2020-03-26T14:45:19
db:	CNNVD	id:	CNNVD-202001-905	date:	2020-01-21T00:00:00
db:	NVD	id:	CVE-2019-19344	date:	2020-01-21T18:15:12.937