CVE-2022-38023

high

Published 2023-05-04 · Modified 2023-02-21

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

8.0

Description

Important: samba security update

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · View original ↗ · Open-Errata-API

Description samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided Red Hat statement Users can disable MD5-based NetLogon by adding the following snippet to their smb.conf ~~~ reject md5 clients = yes ~~~ in case there's still need to allow SMB to authenticate to MD5-based NetLogon servers, it's possible to explicitly enable it per-server based: ~~~ server reject md5…

Description

samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided

Red Hat statement

Users can disable MD5-based NetLogon by adding the following snippet to their smb.conf ~~~ reject md5 clients = yes ~~~ in case there's still need to allow SMB to authenticate to MD5-based NetLogon servers, it's possible to explicitly enable it per-server based: ~~~ server reject md5 schannel:<SERVERNAME>$ = no ~~~

CVSS v3: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Errata / fixed releases

Product	Package	Advisory	Released
Red Hat Enterprise Linux 7	`samba-0:4.10.16-24.el7_9`	RHSA-2023:1090	2023-03-07T00:00:00Z
Red Hat Enterprise Linux 8	`samba-0:4.16.4-4.el8_7`	RHSA-2023:0838	2023-02-21T00:00:00Z
Red Hat Enterprise Linux 8	`samba-0:4.16.4-4.el8_7`	RHSA-2023:0838	2023-02-21T00:00:00Z
Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions	`samba-0:4.10.4-107.el8_1`	RHSA-2023:0639	2023-02-07T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support	`samba-0:4.11.2-22.el8_2`	RHSA-2023:0638	2023-02-07T00:00:00Z
Red Hat Enterprise Linux 8.2 Telecommunications Update Service	`samba-0:4.11.2-22.el8_2`	RHSA-2023:0638	2023-02-07T00:00:00Z
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	`samba-0:4.11.2-22.el8_2`	RHSA-2023:0638	2023-02-07T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support	`samba-0:4.13.3-11.el8_4`	RHSA-2023:0637	2023-02-07T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support	`samba-0:4.15.5-12.el8_6`	RHSA-2023:2136	2023-05-04T00:00:00Z
Red Hat Enterprise Linux 9	`samba-0:4.16.4-103.el9_1`	RHSA-2023:2127	2023-05-04T00:00:00Z
Red Hat Enterprise Linux 9	`samba-0:4.16.4-103.el9_1`	RHSA-2023:2127	2023-05-04T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support	`samba-0:4.15.5-110.el9_0`	RHSA-2023:2137	2023-05-04T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	`samba-0:4.15.5-12.el8_6`	RHSA-2023:2136	2023-05-04T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	`redhat-virtualization-host-0:4.5.3-202306050942_8.6`	RHSA-2023:3491	2023-06-06T00:00:00Z

Package state

Product	Package	State
Red Hat Enterprise Linux 6	`samba`	Out of support scope
Red Hat Storage 3	`samba`	Not affected

Apply commands

bash fix

Apply RHSA-2023:1090 for Red Hat Enterprise Linux 7

yum update -y samba
# or:
dnf upgrade -y samba

Affected

Vendor	Product	Version
redhat	Red Hat Storage 3	`Not affected`

OS impact

OS	Version	Status	Fixed in
arch		fixed	`4.17.5-1`
rhel	9	fixed
rocky	8	fixed
sles		affected
rocky	9	fixed
debian	bookworm	fixed	`2:4.17.4+dfsg-1`
debian	bullseye	affected
debian	forky	fixed	`2:4.17.4+dfsg-1`
debian	sid	fixed	`2:4.17.4+dfsg-1`
debian	trixie	fixed	`2:4.17.4+dfsg-1`
almalinux	9	fixed	`samba-vfs-iouring-4.16.4-103.el9_1.aarch64.rpm`
almalinux	8	fixed	`samba-common-4.16.4-4.el8_7.noarch.rpm`

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.