Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 627240 - net-fs/samba: SMBLoris DoS attack on SMB service
Summary: net-fs/samba: SMBLoris DoS attack on SMB service
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [upstream]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-07 13:15 UTC by Agostino Sarubbo
Modified: 2018-04-19 04:46 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2017-08-07 13:15:46 UTC 
From ${URL} :

Samba is vulnerable to SMBLoris vulnerability affecting SMB service causing userspace OOM on Linux.

Reference:

http://seclists.org/fulldisclosure/2017/Aug/2

Reproducer:

https://gist.github.com/marcan/6a2d14b0e3eaa5de1795a763fb58641e


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Michael Boyle 2018-04-19 04:46:19 UTC 
This falls under hardening techniques.

Mike Boyle
Gentoo Security Padawan