Wind River Support Network

HomeDefectsLIN8-13049
Fixed

LIN8-13049 : Security Advisory - samba - CVE-2020-14323

Created: Oct 29, 2020    Updated: Nov 29, 2020
Resolved Date: Nov 23, 2020
Found In Version: 8.0.0.1
Fix Version: 8.0.0.34
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

winbind in version 3.6 and later implements a request to translate multiple Windows SIDs into names in one request. This was done for performance reasons: The Microsoft RPC call domain controllers offer to do this translation offer this batch operation, so it was an obvious extension to also offer this batch operation on the winbind unix domain stream socket that is available to local processes on the Samba server.

CREATE(Triage):(User=admin) [CVE-2020-14323|https://nvd.nist.gov/vuln/detail/CVE-2020-14323]

CVEs


Live chat
Online