QwikSec

Security Database

CVE

CWE

Training

CVE-2021-20254

Published: May 5, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.

Vendor	Product	Versions
n/a	samba	affected `samba 4.14.1, samba 4.13.6, samba 4.12.13`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=1949442

x_refsource_MISC

https://www.samba.org/samba/security/CVE-2021-20254.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210430-0001/

x_refsource_MISC

FEDORA-2021-1d0807008b

vendor-advisory

x_refsource_FEDORA

FEDORA-2021-7026246ea9

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_GENTOO

[debian-lts-announce] 20210529 [SECURITY] [DLA 2668-1] samba security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.