
V-212: Samba smbd CPU Processing Loop Lets Remote Users Deny Service

August 6, 2013 - 6:00am


PROBLEM:

A vulnerability was reported in Samba.

PLATFORM:

Samba 3.0.x - 4.0.7

ABSTRACT:

All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection.

REFERENCE LINKS:

Secunia Advisory SA54436
Samba Security Release
CVE-2013-4124

IMPACT ASSESSMENT:

Medium

DISCUSSION:

A malformed packet can cause the smbd server to loop the CPU performing memory allocations, preventing any further service. Exploiting this problem requires a connection to a file share or a local account, either authenticated or, if guest connections are allowed, unauthenticated. This flaw is not exploitable beyond causing the code to loop allocating memory, which may cause the machine to exceed memory limits.

IMPACT:

Denial of service

SOLUTION:

Samba 3.5.22, 3.6.17 and 4.0.8 have been issued as security releases to correct the defect.

Security patches for older versions are also available.
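
The following is an added example, not part of the advisory or of the Samba project's code: it triages an inventory of `smbd -V` style version strings against the affected range and fixed releases listed above. The host names, sample strings and label names are constructed, and a version string with a vendor suffix is flagged for manual review on the assumption that a distribution package may carry the patch without a version bump.

```python
import re

# Fixed releases named in the advisory, keyed by release series (major, minor).
FIXED = {(3, 5): 22, (3, 6): 17, (4, 0): 8}
# Affected range as stated in the advisory: Samba 3.0.x - 4.0.7.
AFFECTED_MIN, AFFECTED_MAX = (3, 0, 0), (4, 0, 7)

def classify(version_line):
    """Map one version string to a triage label (label names are hypothetical)."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(\S*)", version_line)
    if not m:
        return "unparsed"
    ver = tuple(int(part) for part in m.group(1, 2, 3))
    series, suffix = ver[:2], m.group(4)
    if series in FIXED and ver[2] >= FIXED[series]:
        return "fixed-release"
    if not (AFFECTED_MIN <= ver <= AFFECTED_MAX):
        return "outside-advisory-range"
    if suffix:
        # Assumption: a suffixed string is a vendor build whose patch level
        # cannot be read from the upstream version number alone.
        return "verify-vendor-package"
    if series in FIXED:
        return "affected-upgrade-in-series"
    # 3.0.x - 3.4.x: no fixed release is named, only separate security patches.
    return "affected-apply-patch"

def triage(inventory):
    """Classify every host in a {host: version string} inventory."""
    return {host: classify(line) for host, line in inventory.items()}

# Constructed sample inventory; collect real values with `smbd -V` on each host.
SAMPLE_INVENTORY = {
    "fs01": "Version 4.0.7",
    "fs02": "Version 4.0.8",
    "fs03": "Version 3.6.16",
    "fs04": "Version 3.4.17",
    "fs05": "Version 3.6.6-Debian",
    "fs06": "smbd: command not found",
}

if __name__ == "__main__":
    for host, label in triage(SAMPLE_INVENTORY).items():
        print(f"{host}\t{label}")
```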
