CVE-2020-25719: Race Condition

First published: Wed Nov 03 2021(Updated: )

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.

Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/first-publish-date
• collector/launchpad-cve
• source/Launchpad
• agent/severity
• agent/remedy
• agent/weakness
• agent/author
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2020-25719
• agent/software-canonical-lookup
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• collector/usn-cve
• source/Ubuntu
• agent/references
• agent/description
• agent/event
• collector/security-tracker-debian
• source/Debian
• agent/trending
• agent/source
• collector/nvd-cve
• source/NVD
• agent/software-canonical-lookup-request
• agent/softwarecombine
• agent/tags
• collector/nvd-api
• collector/nvd-index
• package-manager/redhat
• package-manager/debian
• vendor/samba
• canonical/samba
• version/samba/4.0.0
• version/samba/4.14.0
• version/samba/4.15.0
• vendor/debian
• canonical/debian gnu/linux
• version/debian gnu/linux/9.0
• version/debian gnu/linux/10.0
• vendor/fedoraproject
• canonical/fedoraproject fedora
• version/fedoraproject fedora/33
• version/fedoraproject fedora/34
• version/fedoraproject fedora/35
• vendor/canonical
• canonical/ubuntu linux
• version/ubuntu linux/20.04
• version/ubuntu linux/21.04
• version/ubuntu linux/21.10
• vendor/redhat
• canonical/red hat enterprise linux
• version/red hat enterprise linux/7.0
• version/red hat enterprise linux/8.0
• canonical/redhat enterprise linux desktop
• version/redhat enterprise linux desktop/7.0
• canonical/redhat enterprise linux eus
• version/redhat enterprise linux eus/8.2
• version/redhat enterprise linux eus/8.4
• canonical/redhat enterprise linux for ibm z systems
• version/redhat enterprise linux for ibm z systems/7.0
• version/redhat enterprise linux for ibm z systems/8.0
• canonical/redhat enterprise linux for ibm z systems eus
• version/redhat enterprise linux for ibm z systems eus/8.2
• version/redhat enterprise linux for ibm z systems eus/8.4
• canonical/redhat enterprise linux for power big endian
• version/redhat enterprise linux for power big endian/7.0
• canonical/redhat enterprise linux for power little endian
• version/redhat enterprise linux for power little endian/7.0
• version/redhat enterprise linux for power little endian/8.0
• canonical/redhat enterprise linux for power little endian eus
• version/redhat enterprise linux for power little endian eus/8.2
• version/redhat enterprise linux for power little endian eus/8.4
• canonical/redhat enterprise linux for scientific computing
• version/redhat enterprise linux for scientific computing/7.0
• canonical/redhat enterprise linux server aus
• version/redhat enterprise linux server aus/8.2
• version/redhat enterprise linux server aus/8.4
• canonical/redhat enterprise linux server tus
• version/redhat enterprise linux server tus/8.2
• version/redhat enterprise linux server tus/8.4
• canonical/redhat enterprise linux server update services for sap solutions
• version/redhat enterprise linux server update services for sap solutions/8.2
• version/redhat enterprise linux server update services for sap solutions/8.4
• canonical/redhat enterprise linux workstation
• version/redhat enterprise linux workstation/7.0
• canonical/debian
• version/debian/9.0
• version/debian/10.0
• canonical/fedora
• version/fedora/33
• version/fedora/34
• version/fedora/35
• canonical/ubuntu
• version/ubuntu/20.04
• version/ubuntu/21.04
• version/ubuntu/21.10