From ${URL} : Description A vulnerability has been reported in Samba, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when handling malformed packets and can be exploited to exhaust memory resources by sending a specially crafted packet. Successful exploitation requires a connection to a file share. The vulnerability is reported in versions 3.0.x through 4.0.7. Solution: Update to version 3.5.22, 3.6.17, or 4.0.8. Provided and/or discovered by: The vendor credits Jeremy Allison, Google. Original Advisory: http://www.samba.org/samba/security/CVE-2013-4124 @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
We have a public exploit now: http://www.1337day.com/exploit/21146
CVE-2013-4124 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4124): Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
Ebuilds are in tree @samba: please tell us explicitly if they are ready for stabilization
Maintainer timeout. Arches, please test and stabilize: =net-fs/samba-3.5.22 Target arches: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 =net-fs/samba-3.6.19 Target arches: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86 (4.0.8 ~ and masked, so we don't need to do anything there)
amd64 stable
x86 stable
Stable for HPPA.
arm stable
ppc stable
alpha stable
ia64 stable
ppc64 stable
sparc stable
Maintainers, please clean up vulnerable versions of: net-fs/samba Thank you.
Ping! Maintainer(s), please drop the vulnerable version. 3.5.21 still in tree (only one left from this vulnerability)
Maintainer(s), Thank you for cleanup! Added to an existing GLSA request.
This issue was resolved and addressed in GLSA 201502-15 at http://security.gentoo.org/glsa/glsa-201502-15.xml by GLSA coordinator Kristian Fiskerstrand (K_F).