CVE-2017-15275: Buffer Overflow
First published: Mon Nov 13 2017(Updated: )
As per upstream samba advisory: All versions of Samba from 3.6.0 onwards are vulnerable to a heap memory information leak, where server allocated heap memory may be returned to the client without being cleared. There is no known vulnerability associated with this error, but uncleared heap memory may contain previously used data that may help an attacker compromise the server via other methods. Uncleared heap memory may potentially contain password hashes or other high-value data.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/samba | 2:4.9.5+dfsg-5+deb10u3 2:4.9.5+dfsg-5+deb10u4 2:4.13.13+dfsg-1~deb11u5 2:4.17.11+dfsg-0+deb12u1 2:4.17.12+dfsg-0+deb12u1 2:4.19.1+dfsg-4 2:4.19.2+dfsg-1 | |
| Samba | >=3.6.0<4.5.15 | |
| Samba | >=4.6.0<4.6.11 | |
| Samba | >=4.7.0<4.7.3 | |
| Ubuntu Linux | =14.04 | |
| Ubuntu Linux | =16.04 | |
| Ubuntu Linux | =17.04 | |
| Ubuntu Linux | =17.10 | |
| Debian GNU/Linux | =8.0 | |
| Debian GNU/Linux | =9.0 | |
| redhat enterprise Linux desktop | =6.0 | |
| redhat enterprise Linux desktop | =7.0 | |
| redhat enterprise Linux server | =6.0 | |
| redhat enterprise Linux server | =7.0 | |
| redhat enterprise Linux workstation | =6.0 | |
| redhat enterprise Linux workstation | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.samba.org/samba/security/CVE-2017-15275.html
- https://security-tracker.debian.org/tracker/CVE-2017-15275
- http://www.securityfocus.com/bid/101908
- http://www.securitytracker.com/id/1039855
- http://www.ubuntu.com/usn/USN-3486-1
- http://www.ubuntu.com/usn/USN-3486-2
- https://access.redhat.com/errata/RHSA-2017:3260
- https://access.redhat.com/errata/RHSA-2017:3261
- https://access.redhat.com/errata/RHSA-2017:3278
- https://lists.debian.org/debian-lts-announce/2017/11/msg00029.html
- https://security.gentoo.org/glsa/201805-07
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us
- https://www.debian.org/security/2017/dsa-4043
- https://www.synology.com/support/security/Synology_SA_17_72_Samba
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1515692
- https://bugzilla.redhat.com/show_bug.cgi?id=1512465
Frequently Asked Questions
What is the severity of CVE-2017-15275?
CVE-2017-15275 is considered a moderate severity vulnerability due to the potential exposure of sensitive data through an information leak.
How do I fix CVE-2017-15275?
To fix CVE-2017-15275, ensure that your Samba version is updated to a patched release that addresses this vulnerability.
What versions of Samba are affected by CVE-2017-15275?
CVE-2017-15275 affects all Samba versions from 3.6.0 onwards, up to but not including the patched versions.
Is there a known exploit for CVE-2017-15275?
There is currently no known exploit associated with CVE-2017-15275, but the vulnerability does allow for potential data exposure.
What should I do if I cannot update Samba for CVE-2017-15275?
If you cannot update Samba for CVE-2017-15275, consider implementing additional security controls to mitigate the risk of information exposure.
- collector/security-tracker-debian
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2017-15275
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/samba
- canonical/samba
- version/samba/3.6.0
- version/samba/4.6.0
- version/samba/4.7.0
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/14.04
- version/ubuntu linux/16.04
- version/ubuntu linux/17.04
- version/ubuntu linux/17.10
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/8.0
- version/debian gnu/linux/9.0
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- version/redhat enterprise linux workstation/7.0