Samba has released software updates to fix two High severity security vulnerabilities (CVE-2020-27840 and CVE-2021-20277) that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Samba software is used for file and print services for all clients using the SMB/CIFS protocol. Samba is used to seamlessly integrate Linux/Unix systems into Windows Active Directory environments.
One of the security updates addressed a ‘Heap corruption via crafted DN strings’ vulnerability CVE-2020-27840 that impacts all Samba versions since Samba 4.0.0.
According to Samba, “An anonymous attacker can crash the Samba AD DC LDAP server by sending easily crafted DNs as part of a bind request. More serious heap corruption is likely also possible.”
The issue is rated High severity and has a CVSS score of 7.5.
Moreover, a second update fixed a vulnerability CVE-2021-20277 that could allow an out of bounds read in AD DC LDAP server. This issue impacts all Samba versions since Samba 4.0.0.
According to Samba, “a string in an LDAP attribute that contains multiple consecutive leading spaces can lead to a memmove() of out of bounds memory in ldb_handler_fold().”
The issue is rated High severity and has a CVSS score of 7.1.
Finally, readers can also check out the Samba Security Releases page for more details and previous patch updates.