CVE-2021-23192

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.

References

Affected packages

Git / github.com/samba-team/samba

Affected ranges

Type

GIT

Repo

https://github.com/samba-team/samba

Events

Introduced

25f2fe02a615e2cf906b6fa495acd8ea0aa9998a

Fixed

db11778b57610e24324aa4342f89918f66157d71

Introduced

9b49519cae3e967af9ea48dc5fcfb6c145e31db4

Fixed

9312b1832e5a808a63fc7f9e7d6e70348cc9eb86

Introduced

fc8342bd26d1c55ca5780b427f675f31147b27f9

Fixed

7d0c030d4233974c4b9463dad44efdb05e6186f1

Database specific

{
    "versions": [
        {
            "introduced": "4.10.0"
        },
        {
            "fixed": "4.13.14"
        },
        {
            "introduced": "4.14.0"
        },
        {
            "fixed": "4.14.10"
        },
        {
            "introduced": "4.15.0"
        },
        {
            "fixed": "4.15.2"
        }
    ]
}

Affected versions

ldb-1.*

ldb-1.5.5

ldb-1.5.6

ldb-1.5.7

ldb-1.5.8

ldb-2.*

ldb-2.3.0

ldb-2.3.1

ldb-2.3.2

ldb-2.4.1

samba-4.*

samba-4.10.0

samba-4.10.1

samba-4.10.10

samba-4.10.11

samba-4.10.12

samba-4.10.13

samba-4.10.14

samba-4.10.15

samba-4.10.16

samba-4.10.17

samba-4.10.18

samba-4.10.2

samba-4.10.3

samba-4.10.4

samba-4.10.5

samba-4.10.6

samba-4.10.7

samba-4.10.8

samba-4.10.9

samba-4.14.0

samba-4.14.1

samba-4.14.2

samba-4.14.3

samba-4.14.4

samba-4.14.5

samba-4.14.6

samba-4.14.7

samba-4.14.8

samba-4.14.9

samba-4.15.0

samba-4.15.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23192.json"