Multiple Samba Vulnerabilities Addressed in Ubuntu Updates
Several Samba vulnerabilities were fixed in different Ubuntu releases, including Ubuntu 23.04, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS. However, the updates introduced a regression in Ubuntu 20.04 LTS due to certain build issues, affecting macro handling and possibly other functionality.
Regression occurs when something that was working properly with a previous Linux kernel now performs badly or not at all. The recent security update for Ubuntu 20.04 LTS has fixed this issue and can be applied by updating the system.
What is Samba in Linux?
Samba is a popular open-source tool that allows users to share file and print services between Windows and Linux/Unix systems. It enables seamless sharing of files, folders, and printers across several operating systems in a networked environment.
Samba is mostly used in infrastructures that have a combination of Windows and Linux/Unix systems because it makes it easier to share resources and data between these systems. Additionally, the program has an active user and developer community that continuously works to maintain and improve it.
Samba Vulnerabilities Fixed in Ubuntu
Ubuntu addressed the following vulnerabilities in Samba for Ubuntu 23.04, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS.
Sri Nagasubramanian found that the read-only files were not handled correctly by the Samba acl_xattr VFS module. If system ACLs are ignored by Samba, a remote attacker can use this flaw to truncate read-only files.
Samba incorrectly handled the DirSync control, leading to a potential vulnerability that allows a remote attacker having an RODC DC account to gain all domain secrets.
Identified by Andrew Barlett, this vulnerability was caused due to incorrect handling of the rpcecho development server. A remote attacker can take advantage of this issue to make Samba stop responding, ultimately causing a denial of service.
Kirin van der Veer found that Samba did not handle some RPC service listeners, leading to a potential vulnerability that allows a remote attacker to make Samba start multiple incompatible RPC listeners, causing a denial of service. This flaw affected Ubuntu 22.04 LTS and Ubuntu 23.04 only.
These Ubuntu security updates fixed several Samba vulnerabilities that could allow remote attackers to perform malicious activities. Although the regression was caused in Ubuntu 20.04 LTS due to updates, it has been solved in the new update. It is recommended to update Samba packages to the latest versions. A reboot will be required after the system update.
For enhanced security and stability of your Ubuntu system, you can implement an automated patching tool like KernelCare Enterprise that applies security patches automatically when available. Additionally, its live patching method eliminates the need to reboot the server, maintaining a 100% uptime of your servers.
Learn more about live patching and how KernelCare helps secure Linux systems. You can also speak to a TuxCare security expert for more information.
The sources for this article are available at USN-6425-2.