Vulnerability CVE-2017-14746: Information
Description
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| samba | sisyphus | 4.6.11-alt1.S1 | 4.19.6-alt1 | ALT-PU-2017-2679-1 | 195034 | Fixed |
| samba | p10 | 4.6.11-alt1.S1 | 4.19.6-alt1 | ALT-PU-2017-2679-1 | 195034 | Fixed |
| samba | p9 | 4.6.11-alt1.S1 | 4.14.10-alt2 | ALT-PU-2017-2679-1 | 195034 | Fixed |
| samba | p8 | 4.6.11-alt1.M80P.1 | 4.9.18-alt1 | ALT-PU-2017-2682-1 | 195036 | Fixed |
| samba | c10f1 | 4.6.11-alt1.S1 | 4.16.11-alt2 | ALT-PU-2017-2679-1 | 195034 | Fixed |
| samba | c9f2 | 4.6.11-alt1.S1 | 4.14.14-alt0.c9.1 | ALT-PU-2017-2679-1 | 195034 | Fixed |
| samba | c7 | 4.6.14-alt1.M70C.1.1 | 4.6.15-alt1.M70C.1 | ALT-PU-2018-1440-1 | 202075 | Fixed |
| samba-DC | p8 | 4.6.11-alt1.M80P.1 | 4.9.18-alt1 | ALT-PU-2017-2683-1 | 195036 | Fixed |
| samba-DC | c7 | 4.6.14-alt1.M70C.1.1 | 4.6.15-alt1.M70C.1 | ALT-PU-2018-1441-1 | 202075 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
|---|---|
| https://www.samba.org/samba/security/CVE-2017-14746.html |
|
| DSA-4043 |
|
| USN-3486-1 |
|
| 101907 |
|
| 1039856 |
|
| RHSA-2017:3278 |
|
| RHSA-2017:3261 |
|
| RHSA-2017:3260 |
|
| https://www.synology.com/support/security/Synology_SA_17_72_Samba |
|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us |
|
| GLSA-201805-07 |
|