Amazon Linux 1 Security Advisory: ALAS-2021-1469
Advisory Release Date: 2021-01-12 22:51 Pacific
Advisory Updated Date: 2021-01-13 18:21 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. (CVE-2020-14318)
A null pointer dereference flaw was found in Samba's winbind service. This flaw allows a local user to crash the winbind service, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14323)
A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administrator
privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-1472)
Affected Packages:
samba
Issue Correction:
Run yum update samba to update your system.
i686:
samba-client-4.10.16-9.56.amzn1.i686
samba-libs-4.10.16-9.56.amzn1.i686
samba-common-libs-4.10.16-9.56.amzn1.i686
ctdb-4.10.16-9.56.amzn1.i686
libwbclient-4.10.16-9.56.amzn1.i686
samba-client-libs-4.10.16-9.56.amzn1.i686
samba-debuginfo-4.10.16-9.56.amzn1.i686
libsmbclient-devel-4.10.16-9.56.amzn1.i686
samba-winbind-modules-4.10.16-9.56.amzn1.i686
samba-python-test-4.10.16-9.56.amzn1.i686
samba-krb5-printing-4.10.16-9.56.amzn1.i686
samba-devel-4.10.16-9.56.amzn1.i686
libsmbclient-4.10.16-9.56.amzn1.i686
samba-python-4.10.16-9.56.amzn1.i686
samba-4.10.16-9.56.amzn1.i686
samba-winbind-4.10.16-9.56.amzn1.i686
samba-test-libs-4.10.16-9.56.amzn1.i686
samba-common-tools-4.10.16-9.56.amzn1.i686
libwbclient-devel-4.10.16-9.56.amzn1.i686
samba-winbind-clients-4.10.16-9.56.amzn1.i686
ctdb-tests-4.10.16-9.56.amzn1.i686
samba-winbind-krb5-locator-4.10.16-9.56.amzn1.i686
samba-test-4.10.16-9.56.amzn1.i686
noarch:
samba-pidl-4.10.16-9.56.amzn1.noarch
samba-common-4.10.16-9.56.amzn1.noarch
src:
samba-4.10.16-9.56.amzn1.src
x86_64:
samba-winbind-modules-4.10.16-9.56.amzn1.x86_64
libwbclient-devel-4.10.16-9.56.amzn1.x86_64
samba-4.10.16-9.56.amzn1.x86_64
samba-client-4.10.16-9.56.amzn1.x86_64
samba-common-tools-4.10.16-9.56.amzn1.x86_64
samba-client-libs-4.10.16-9.56.amzn1.x86_64
libwbclient-4.10.16-9.56.amzn1.x86_64
samba-test-4.10.16-9.56.amzn1.x86_64
samba-python-4.10.16-9.56.amzn1.x86_64
ctdb-4.10.16-9.56.amzn1.x86_64
samba-winbind-clients-4.10.16-9.56.amzn1.x86_64
samba-devel-4.10.16-9.56.amzn1.x86_64
libsmbclient-4.10.16-9.56.amzn1.x86_64
samba-krb5-printing-4.10.16-9.56.amzn1.x86_64
samba-libs-4.10.16-9.56.amzn1.x86_64
samba-winbind-4.10.16-9.56.amzn1.x86_64
samba-test-libs-4.10.16-9.56.amzn1.x86_64
samba-winbind-krb5-locator-4.10.16-9.56.amzn1.x86_64
libsmbclient-devel-4.10.16-9.56.amzn1.x86_64
samba-python-test-4.10.16-9.56.amzn1.x86_64
samba-debuginfo-4.10.16-9.56.amzn1.x86_64
samba-common-libs-4.10.16-9.56.amzn1.x86_64
ctdb-tests-4.10.16-9.56.amzn1.x86_64