CVE-2020-14318
First published: Thu Oct 29 2020(Updated: )
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samba Samba | >=3.6.0<4.11.15 | |
| Samba Samba | >=4.12.0<4.12.9 | |
| Samba Samba | >=4.13.0<4.13.1 | |
| Redhat Storage | =3.0 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux | =8.0 | |
| redhat/samba | <4.11.15 | 4.11.15 |
| redhat/samba | <4.12.9 | 4.12.9 |
| redhat/samba | <4.13.1 | 4.13.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1892631
- https://security.gentoo.org/glsa/202012-24
- https://www.samba.org/samba/security/CVE-2020-14318.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1892634
- https://git.samba.org/?p=samba.git;a=commit;h=22528b76ed6eb6251fdf01875aaa955480e7663d
- https://git.samba.org/?p=samba.git;a=commit;h=5dd4c789c13035b805fdd2c3a9c38721657b05b3
- https://git.samba.org/?p=samba.git;a=commit;h=f100bd2f2e4f047942002a992c99104227a17f81
- https://git.samba.org/?p=samba.git;a=commit;h=f43ecce46a89c6380317fbb5f2ae38f48d3d42c8
- https://git.samba.org/?p=samba.git;a=commit;h=a5da8919303ea99937c0d3b536f964b7f1addda7
- https://git.samba.org/?p=samba.git;a=commit;h=c300a85848350635e7ddd8129b31c4d439dc0f8a
- https://access.redhat.com/errata/RHSA-2020:5439
- https://access.redhat.com/security/cve/cve-2020-14318
- https://access.redhat.com/errata/RHSA-2021:1647
- https://access.redhat.com/errata/RHSA-2021:3723
- https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html
- agent/weakness
- agent/type
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup
- agent/author
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-14318
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/tags
- agent/event
- collector/nvd-api
- source/NVD
- vendor/samba
- canonical/samba samba
- version/samba samba/3.6.0
- version/samba samba/4.12.0
- version/samba samba/4.13.0
- vendor/redhat
- canonical/redhat storage
- version/redhat storage/3.0
- canonical/redhat enterprise linux
- version/redhat enterprise linux/7.0
- version/redhat enterprise linux/8.0
- package-manager/redhat