Samba
released security updates patching three issues CVE-2019-14902, CVE-2019-14907,
and CVE-2019-19344.
The medium-rated
CVE-2019-14902 fixes a problem where a newly delegated right, but more
importantly the removal of a previously delegated right, would not be inherited
on any domain controller other than the one where the change was made. This
means if a user had been delegated the right to make alterations to a subtree,
such as changing passwords, and that right was then rescinded, that move would
not automatically be taken away on all domain controllers.
The patch
fixes this issue, but Samba noted, “it
is vital that a full-sync be done TO each Domain Controller to ensure each ACL
(ntSecurityDescriptor) is re-calculated on the whole set of DCs.”
CVE-2019-14907,
medium rated, can allow a crash after failed character conversion at log level
three or higher affecting Samba 4.0 and later. In the Samba Active Directory
Domain Controller this may cause a long-lived process to terminate.
The final
issue, CVE-2019-19344,
covers a use after free issue during DNS zone scavenging in Samba Active
Directory Domain Controller in versions 4.9 and later. When Samba 4.9 was
rolled out it contained an off by default feature to tombstone dynamically
created DNS records that had reached their expiration point. There is a
use-after-free issue in this code that if the proper conditions exist save that
read memory into the database.
Patches for
all three issues have been posted.
Gloss