CVE-2021-43566

All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also has to be available via NFS, for this attack to succeed.
Race Condition
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 2.5 LOW | LOCAL | HIGH | LOW | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N |
EPSS Score percentile: 58%
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| samba | samba | 𝑥 < 4.13.16 |

𝑥 = Vulnerable software versions
Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| samba | bookworm | 2:4.17.12+dfsg-0+deb12u1 | fixed |
| samba | bookworm (security) | 2:4.17.12+dfsg-0+deb12u1 | fixed |
| samba | bullseye | 2:4.13.13+dfsg-1~deb11u6 | fixed |
| samba | bullseye (security) | 2:4.13.13+dfsg-1~deb11u6 | fixed |
| samba | buster | | ignored |
| samba | sid | 2:4.21.1+dfsg-2 | fixed |
| samba | trixie | 2:4.21.1+dfsg-2 | fixed |
Ubuntu Releases

| Ubuntu Product | Codename | Version | Status |
|---|---|---|---|
| samba | bionic | | needed |
| samba | focal | Fixed 2:4.13.17~dfsg-0ubuntu0.21.04.1 | released |
| samba | hirsute | | ignored |
| samba | impish | Fixed 2:4.13.17~dfsg-0ubuntu0.21.10.1 | released |
| samba | jammy | Fixed 4.13.17~dfsg-0ubuntu1 | released |
| samba | kinetic | Fixed 4.13.17~dfsg-0ubuntu1 | released |
| samba | lunar | Fixed 4.13.17~dfsg-0ubuntu1 | released |
| samba | mantic | Fixed 4.13.17~dfsg-0ubuntu1 | released |
| samba | noble | Fixed 4.13.17~dfsg-0ubuntu1 | released |
| samba | trusty | | needs-triage |
| samba | xenial | | needs-triage |
openSUSE / SLES Releases

| openSUSE Product | Release | Version | Status |
|---|---|---|---|
| apache2-mod_apparmor | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apache2-mod_apparmor | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-abstractions | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-abstractions | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-abstractions | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-docs | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-docs | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-docs | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-parser | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-parser | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-parser | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-parser-lang | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-parser-lang | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-parser-lang | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-profiles | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-profiles | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-profiles | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-utils | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-utils | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-utils | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-utils-lang | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-utils-lang | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| apparmor-utils-lang | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| krb5 | suse enterprise desktop 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5 | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5 | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-32bit | suse enterprise desktop 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-32bit | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-32bit | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-client | suse enterprise desktop 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-client | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-client | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-devel | suse enterprise desktop 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-devel | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-devel | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-kdb-ldap | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-kdb-ldap | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-otp | suse enterprise desktop 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-otp | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-otp | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-pkinit | suse enterprise desktop 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-pkinit | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-pkinit | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-spake | suse enterprise desktop 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-spake | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-plugin-preauth-spake | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-server | suse enterprise sap 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| krb5-server | suse enterprise server 15 SP3 | 1.19.2-150300.8.3.2 | fixed |
| ldb-tools | suse enterprise desktop 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| ldb-tools | suse enterprise sap 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| ldb-tools | suse enterprise server 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libapparmor-devel | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libapparmor-devel | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libapparmor-devel | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libapparmor1 | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libapparmor1 | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libapparmor1 | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libapparmor1-32bit | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libapparmor1-32bit | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libapparmor1-32bit | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.1 | fixed |
| libipa_hbac-devel | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libipa_hbac-devel | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libipa_hbac-devel | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libipa_hbac0 | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libipa_hbac0 | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libipa_hbac0 | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libldb-devel | suse enterprise desktop 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libldb-devel | suse enterprise sap 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libldb-devel | suse enterprise server 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libldb2 | suse enterprise desktop 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libldb2 | suse enterprise sap 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libldb2 | suse enterprise server 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libldb2-32bit | suse enterprise desktop 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libldb2-32bit | suse enterprise sap 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libldb2-32bit | suse enterprise server 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| libsss_certmap-devel | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_certmap-devel | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_certmap-devel | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_certmap0 | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_certmap0 | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_certmap0 | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_idmap-devel | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_idmap-devel | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_idmap-devel | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_idmap0 | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_idmap0 | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_idmap0 | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_nss_idmap-devel | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_nss_idmap-devel | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_nss_idmap-devel | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_nss_idmap0 | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_nss_idmap0 | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_nss_idmap0 | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_simpleifp-devel | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_simpleifp-devel | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_simpleifp-devel | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_simpleifp0 | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_simpleifp0 | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libsss_simpleifp0 | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| libtalloc-devel | suse enterprise desktop 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtalloc-devel | suse enterprise sap 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtalloc-devel | suse enterprise server 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtalloc2 | suse enterprise desktop 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtalloc2 | suse enterprise sap 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtalloc2 | suse enterprise server 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtalloc2-32bit | suse enterprise desktop 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtalloc2-32bit | suse enterprise sap 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtalloc2-32bit | suse enterprise server 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| libtdb-devel | suse enterprise desktop 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtdb-devel | suse enterprise sap 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtdb-devel | suse enterprise server 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtdb1 | suse enterprise desktop 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtdb1 | suse enterprise sap 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtdb1 | suse enterprise server 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtdb1-32bit | suse enterprise desktop 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtdb1-32bit | suse enterprise sap 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtdb1-32bit | suse enterprise server 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| libtevent-devel | suse enterprise desktop 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| libtevent-devel | suse enterprise sap 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| libtevent-devel | suse enterprise server 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| libtevent0 | suse enterprise desktop 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| libtevent0 | suse enterprise sap 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| libtevent0 | suse enterprise server 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| libtevent0-32bit | suse enterprise desktop 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| libtevent0-32bit | suse enterprise sap 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| libtevent0-32bit | suse enterprise server 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| pam_apparmor | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| pam_apparmor | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| pam_apparmor | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| pam_apparmor-32bit | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| pam_apparmor-32bit | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| pam_apparmor-32bit | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| perl-apparmor | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| perl-apparmor | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| perl-apparmor | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| python3-apparmor | suse enterprise desktop 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| python3-apparmor | suse enterprise sap 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| python3-apparmor | suse enterprise server 15 SP3 | 2.13.6-150300.3.11.2 | fixed |
| python3-ldb | suse enterprise desktop 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| python3-ldb | suse enterprise sap 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| python3-ldb | suse enterprise server 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| python3-ldb-devel | suse enterprise desktop 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| python3-ldb-devel | suse enterprise sap 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| python3-ldb-devel | suse enterprise server 15 SP3 | 2.4.1-150300.3.10.1 | fixed |
| python3-sssd-config | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| python3-sssd-config | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| python3-sssd-config | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| python3-talloc | suse enterprise desktop 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| python3-talloc | suse enterprise sap 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| python3-talloc | suse enterprise server 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| python3-talloc-devel | suse enterprise desktop 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| python3-talloc-devel | suse enterprise sap 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| python3-talloc-devel | suse enterprise server 15 SP3 | 2.3.3-150300.3.3.2 | fixed |
| python3-tdb | suse enterprise desktop 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| python3-tdb | suse enterprise sap 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| python3-tdb | suse enterprise server 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| python3-tevent | suse enterprise desktop 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| python3-tevent | suse enterprise sap 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| python3-tevent | suse enterprise server 15 SP3 | 0.11.0-150300.3.3.2 | fixed |
| sssd | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ad | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ad | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ad | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-common | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-common | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-common | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-dbus | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-dbus | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-dbus | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ipa | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ipa | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ipa | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-krb5 | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-krb5 | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-krb5 | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-krb5-common | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-krb5-common | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-krb5-common | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ldap | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ldap | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-ldap | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-proxy | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-proxy | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-proxy | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-tools | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-tools | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-tools | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-winbind-idmap | suse enterprise desktop 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-winbind-idmap | suse enterprise sap 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| sssd-winbind-idmap | suse enterprise server 15 SP3 | 1.16.1-150300.23.17.3 | fixed |
| talloc-man | suse enterprise desktop 15 SP3 | 2.3.3-150300.3.3.1 | fixed |
| talloc-man | suse enterprise sap 15 SP3 | 2.3.3-150300.3.3.1 | fixed |
| talloc-man | suse enterprise server 15 SP3 | 2.3.3-150300.3.3.1 | fixed |
| tdb-tools | suse enterprise desktop 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| tdb-tools | suse enterprise sap 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| tdb-tools | suse enterprise server 15 SP3 | 1.4.4-150300.3.3.2 | fixed |
| tevent-man | suse enterprise desktop 15 SP3 | 0.11.0-150300.3.3.1 | fixed |
| tevent-man | suse enterprise sap 15 SP3 | 0.11.0-150300.3.3.1 | fixed |
| tevent-man | suse enterprise server 15 SP3 | 0.11.0-150300.3.3.1 | fixed |
Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| ctdb | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| libsmbclient | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| libsmbclient-devel | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| libwbclient | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| libwbclient-devel | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| python3-samba | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| python3-samba-test | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-client | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-client-libs | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-common | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-common-libs | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-common-tools | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-devel | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-krb5-printing | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-libs | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-pidl | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-test | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-test-libs | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-vfs-iouring | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-winbind | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-winbind-clients | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-winbind-krb5-locator | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-winbind-modules | RHEL 8 | 0:4.14.5-2.el8 | fixed |
| samba-winexe | RHEL 8 | 0:4.14.5-2.el8 | fixed |