Cov ntawv tshiab ntawm Samba 4.14.4, 4.13.8 thiab 4.12.15 nrog kev kho qhov tsis zoo

Kev kho qhov tso tawm ntawm Samba pob 4.14.4, 4.13.8 thiab 4.12.15 tau npaj los tshem tawm qhov tsis zoo (CVE-2021-20254), uas feem ntau tuaj yeem ua rau muaj kev sib tsoo ntawm cov txheej txheem smbd, tab sis qhov phem tshaj. case scenario qhov muaj peev xwm nkag mus rau cov ntaub ntawv tsis raug cai thiab tshem tawm cov ntaub ntawv ntawm lub network faib los ntawm tus neeg siv tsis muaj cai.

Qhov tsis zoo yog vim muaj qhov yuam kev hauv sids_to_unixids() ua haujlwm uas ua rau cov ntaub ntawv raug nyeem los ntawm thaj chaw sab nraud tsis muaj ciam teb thaum hloov SIDs (Windows Security Identifier) ​​​​GID (Unix Group ID). Qhov teeb meem tshwm sim thaum lub ntsiab tsis zoo ntxiv rau SID rau GID daim ntawv qhia cache. Samba cov neeg tsim khoom tsis tuaj yeem txheeb xyuas cov xwm txheej txhim khu kev qha thiab rov ua dua rau qhov muaj qhov tsis zoo tshwm sim, tab sis tus kws tshawb fawb uas txheeb xyuas qhov tsis zoo ntseeg tias qhov teeb meem tuaj yeem siv los tshem tawm cov ntaub ntawv ntawm cov ntaub ntawv server yam tsis muaj cai ua haujlwm no.

Tau qhov twg los: opennet.ru