- Vulnerability/
- RHSA-2021:5192
RHSA-2021:5192: Important: samba security and bug fix update
First published: Thu Dec 16 2021(Updated: )
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.<br>Security Fix(es):<br><li> samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717)</li> <li> samba: SMB1 client connections can be downgraded to plaintext authentication (CVE-2016-2124)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> Backport IDL changes to harden Kerberos communication (BZ#2021428)</li>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/samba | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libsmbclient | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libsmbclient | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libsmbclient-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libsmbclient-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libwbclient | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libwbclient | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libwbclient-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libwbclient-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-client | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-client-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-client-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-common | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-common-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-common-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-common-tools | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-dc | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-dc-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-debuginfo | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-debuginfo | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-krb5-printing | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-pidl | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-python | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-python | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-python-test | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-test | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-test-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-test-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-vfs-glusterfs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-clients | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-krb5-locator | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-modules | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-modules | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-client | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-common-tools | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-dc | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-dc-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-krb5-printing | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-python-test | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-test | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-clients | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-krb5-locator | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/ctdb | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/ctdb-tests | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libsmbclient | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libsmbclient-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libwbclient | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/libwbclient-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-client | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-client-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-common-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-common-tools | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-dc | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-dc-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-debuginfo | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-devel | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-krb5-printing | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-python | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-python-test | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-test | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-test-libs | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-clients | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-krb5-locator | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/samba-winbind-modules | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/ctdb | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/ctdb-tests | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/ctdb | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
| redhat/ctdb-tests | <4.10.16-17.el7_9 | 4.10.16-17.el7_9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of RHSA-2021:5192?
The severity of RHSA-2021:5192 is critical due to vulnerabilities in Samba that could lead to remote code execution or denial of service.
How do I fix RHSA-2021:5192?
To fix RHSA-2021:5192, you should upgrade the Samba packages to the specified version 4.10.16-17.el7_9 or later.
What versions are affected by RHSA-2021:5192?
RHSA-2021:5192 affects Samba version prior to 4.10.16-17.el7_9.
Is there a workaround for RHSA-2021:5192?
There are no specific workarounds recommended for RHSA-2021:5192; it's advised to apply the security update.
What components are related to RHSA-2021:5192?
RHSA-2021:5192 relates to several components including samba, libsmbclient, and their respective development packages.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/title
- agent/remedy
- agent/description
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2021:5192
- agent/software-canonical-lookup
- agent/references
- agent/tags
- agent/event
- agent/source
- package-manager/redhat