Corrective releases of the Samba package, 4.17.2, 4.16.6, and 4.15.11, have been published, fixing two vulnerabilities. The release of package updates in the distributions can be followed on these pages: Debian, Ubuntu, Gentoo, RHEL, SUSE, Arch, FreeBSD.
- CVE-2022-3437 - A buffer overflow in the unwrap_des() and unwrap_des3() functions provided by the GSSAPI library from the Heimdal package (bundled with Samba since version 4.0). The vulnerability can be exploited by sending a specially crafted packet to systems that use GSSAPI. For example, the problem appears in the client and file server implementations based on the SMB1 protocol, when DCE/RPC is used, and in the Active Directory domain controller. Systems built with MIT Kerberos (--with-system-mitkrb5) instead of Heimdal are not affected by this problem.
- CVE-2022-3592 - The ability to go beyond the boundaries of the exported directory and access any file on the server by manipulating symbolic links. The problem is specific to Samba 4.17 and was caused by a bug in the new code for handling symbolic links in user space (the code had no check for whether the link's target directory lies outside the exported directory). The vulnerability can be exploited by a client with write access to the exported share, provided over the SMB1 or NFS protocols, which allow symbolic links to be created.
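The kind of containment check described for CVE-2022-3592, written here as an audit that lists symbolic links in an exported directory whose resolved target lies outside it. This is an added example, not Samba's code; the function names and the sample tree (share, share2, secret.txt) are constructed for illustration.

```python
import os
import tempfile


def is_within(root: str, path: str) -> bool:
    """True if path, with every symlink resolved, is root itself or lies under it."""
    real_root = os.path.realpath(root)
    real_path = os.path.realpath(path)
    # commonpath compares whole components, so /srv/share2 is not inside /srv/share.
    return os.path.commonpath([real_root, real_path]) == real_root


def find_escaping_symlinks(share_root: str) -> list:
    """Share-relative paths of symlinks whose target resolves outside the share."""
    escaping = []
    # followlinks=False: the audit itself never descends through a link.
    for dirpath, dirnames, filenames in os.walk(share_root, followlinks=False):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) and not is_within(share_root, full):
                escaping.append(os.path.relpath(full, share_root))
    return sorted(escaping)


def build_constructed_share(base: str) -> str:
    """Constructed sample tree: one harmless link and three that leave the share."""
    share = os.path.join(base, "share")
    os.makedirs(os.path.join(share, "docs"))
    os.makedirs(os.path.join(base, "share2"))  # sibling with a shared name prefix
    for path in (os.path.join(share, "docs", "report.txt"), os.path.join(base, "secret.txt")):
        with open(path, "w") as fh:
            fh.write("constructed\n")
    os.symlink("docs/report.txt", os.path.join(share, "ok_link"))
    os.symlink("../../secret.txt", os.path.join(share, "docs", "up_link"))
    os.symlink(os.path.join(base, "secret.txt"), os.path.join(share, "abs_link"))
    os.symlink("../share2", os.path.join(share, "sibling"))
    return share


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for link in find_escaping_symlinks(build_constructed_share(base)):
            print("escapes share:", link)
```

An audit like this reports what is on disk at the moment it runs; it does not replace updating to the fixed release.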
Source: opennet.ru
