ALT-PU-2021-1766-1
Closed vulnerabilities
BDU:2021-03130
Уязвимость файловой системы Samba, связанная с чтением за границами буфера, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
Modified: 2024-11-21
CVE-2021-20254
A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.
- https://bugzilla.redhat.com/show_bug.cgi?id=1949442
- https://bugzilla.redhat.com/show_bug.cgi?id=1949442
- [debian-lts-announce] 20210529 [SECURITY] [DLA 2668-1] samba security update
- [debian-lts-announce] 20210529 [SECURITY] [DLA 2668-1] samba security update
- FEDORA-2021-1d0807008b
- FEDORA-2021-1d0807008b
- FEDORA-2021-7026246ea9
- FEDORA-2021-7026246ea9
- GLSA-202105-22
- GLSA-202105-22
- https://security.netapp.com/advisory/ntap-20210430-0001/
- https://security.netapp.com/advisory/ntap-20210430-0001/
- https://www.samba.org/samba/security/CVE-2021-20254.html
- https://www.samba.org/samba/security/CVE-2021-20254.html
Closed bugs
Миграция на /run и /run/lock
nmbd doesn't start if /var/run is link to /run
Миграция на /run и /run/lock