CVE-2023-42670

03.11.2023, 08:15

A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation "classic DCs") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as "The procedure number is out of range" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
redhat	CNA	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 64%

Vendor	Product	Version
samba	samba	𝑥 < 4.17.12
samba	samba	4.18.0 ≤ 𝑥 < 4.18.8
samba	samba	4.19.0 ≤ 𝑥 < 4.19.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

samba

bullseye (security)	2:4.13.13+dfsg-1~deb11u6 fixed
bullseye	2:4.13.13+dfsg-1~deb11u6 not-affected
buster	not-affected
bookworm	2:4.17.12+dfsg-0+deb12u1 fixed
bookworm (security)	2:4.17.12+dfsg-0+deb12u1 fixed
trixie	2:4.21.2+dfsg-4 fixed
sid	2:4.21.2+dfsg-4 fixed

Ubuntu Releases

Ubuntu Product

Codename

samba

mantic	Fixed 2:4.18.6+dfsg-1ubuntu2.1 released
lunar	Fixed 2:4.17.7+dfsg-1ubuntu2.3 released
jammy	Fixed 2:4.15.13+dfsg-0ubuntu1.5 released
focal	not-affected
bionic	not-affected
xenial	not-affected
trusty	not-affected

Common Weakness Enumeration

CWE-400 - Uncontrolled Resource Consumption
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References

https://access.redhat.com/security/cve/CVE-2023-42670

https://bugzilla.redhat.com/show_bug.cgi?id=2241885

https://bugzilla.samba.org/show_bug.cgi?id=15473

https://www.samba.org/samba/security/CVE-2023-42670.html

https://access.redhat.com/security/cve/CVE-2023-42670

https://bugzilla.redhat.com/show_bug.cgi?id=2241885

https://bugzilla.samba.org/show_bug.cgi?id=15473

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUMVALLFFDFC53JZMUWA6HPD7HUGAP5I/

https://security.netapp.com/advisory/ntap-20231124-0002/

https://www.samba.org/samba/security/CVE-2023-42670.html