Showing 1 - 3 of 3

CVE-2023-34967

Status Candidate

Overview

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.

Related Files

Debian Security Advisory 5647-1: Posted Mar 25, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5647-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service or information disclosure.; tags | advisory, denial of service, vulnerability, info disclosure; systems | linux, unix, debian; advisories | CVE-2022-2127, CVE-2022-3437, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-4091; SHA-256 | 1bf3eff1b405cc8734e78a924bf59118ea64667832f1c6ee614a890520f6a767; Download | Favorite | View

Gentoo Linux Security Advisory 202402-28: Posted Feb 19, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2018-14628, CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968, CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, CVE-2023-42670; SHA-256 | c1b77ea663583d7b2f9d45426761c56ddbb0b4ac671059fc79dbe605a5da5b12; Download | Favorite | View

Debian Security Advisory 5477-1: Posted Aug 15, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5477-1 - Several vulnerabilities have been discovered in Samba, which could result in information disclosure, denial of service or insufficient enforcement of security-relevant config directives.; tags | advisory, denial of service, vulnerability, info disclosure; systems | linux, debian; advisories | CVE-2022-2127, CVE-2023-3347, CVE-2023-34966, CVE-2023-34967, CVE-2023-34968; SHA-256 | af91853d8e5f0024764f5543a8b80895c57747aa8c34de789911957203c66602; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 269 files
Ubuntu 58 files
Gentoo 32 files
Debian 28 files
Apple 9 files
malvuln 6 files
Adam Gowdiak 4 files
Ahmet Umit Bayram 4 files
nu11secur1ty 4 files
gabe_k 3 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,042)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,619)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,770)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,499)
UNIX (9,401)
UnixWare (187)
Windows (6,659)
Other

CVE-2023-34967

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems