NEWS[4.17.0rc4]: Samba 4.17.0rc4 Available for Download

[samba-web.git] / security / CVE-2017-15275.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<title>Samba - Security Announcement Archive</title>
</head>

<body>

   <H2>CVE-2017-15275.html:</H2>

<p>
<pre>
====================================================================
== Subject:     Server heap memory information leak.
==
== CVE ID#:     CVE-2017-15275
==
== Versions:    All versions of Samba from 3.6.0 onwards.
==
== Summary:     The server may return the contents of heap
==              allocated memory to the client.
==
====================================================================

===========
Description
===========

All versions of Samba from 3.6.0 onwards are vulnerable to a heap
memory information leak, where server allocated heap memory may be
returned to the client without being cleared.

There is no known vulnerability associated with this error, but
uncleared heap memory may contain previously used data that may help
an attacker compromise the server via other methods. Uncleared heap
memory may potentially contain password hashes or other high-value
data.

==================
Patch Availability
==================

A patch addressing this defect has been posted to

  http://www.samba.org/samba/security/

Additionally, Samba 4.7.3, 4.6.11 and 4.5.15 have been issued as
security releases to correct the defect. Patches against older Samba
versions are available at http://samba.org/samba/patches/. Samba
vendors and administrators running affected versions are advised to
upgrade or apply the patch as soon as possible.

==========
Workaround
==========

None.

=======
Credits
=======

This problem was found by Volker Lendecke of SerNet and the Samba
Team. Jeremy Allison of Google and the Samba Team provided the fix.
</pre>
</body>
</html>