Vulnerability CVE-2021-3670: Information

Description

MaxQueryDuration not honoured in Samba AD DC LDAP

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-3670

Published: Aug. 23, 2022

Modified: Sept. 17, 2023

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
libldb	sisyphus	2.3.2-alt2	2.9.0-alt1	ALT-PU-2022-1003-1	291871	Fixed
libldb	sisyphus_e2k	2.3.2-alt2	2.9.0-alt1	ALT-PU-2022-3559-1	-	Fixed
libldb	sisyphus_riscv64	2.3.2-alt2	2.9.0-alt1	ALT-PU-2022-3513-1	-	Fixed
libldb	p10	2.3.2-alt2	2.8.0-alt1	ALT-PU-2022-1477-1	293575	Fixed
libldb	p10_e2k	2.3.2-alt2	2.8.0-alt1	ALT-PU-2022-4327-1	-	Fixed
libldb	c10f1	2.3.2-alt2	2.5.3-alt1	ALT-PU-2022-1477-1	293575	Fixed
libldb	c9f2	2.3.4-alt0.c9.1	2.3.4-alt0.c9.1	ALT-PU-2023-1615-1	316738	Fixed
libldb	p11	2.3.2-alt2	2.9.0-alt1	ALT-PU-2022-1003-1	291871	Fixed
samba	sisyphus	4.14.11-alt1	4.20.1-alt2	ALT-PU-2022-1004-1	291871	Fixed
samba	sisyphus_e2k	4.14.11-alt1	4.20.1-alt1	ALT-PU-2022-3560-1	-	Fixed
samba	sisyphus_riscv64	4.14.11-alt1	4.20.1-alt2	ALT-PU-2022-3514-1	-	Fixed
samba	p10	4.14.12-alt2	4.19.6-alt2	ALT-PU-2022-1478-1	293575	Fixed
samba	p10_e2k	4.14.12-alt2	4.19.6-alt2	ALT-PU-2022-4329-1	-	Fixed
samba	c10f1	4.14.12-alt2	4.16.11-alt2	ALT-PU-2022-1478-1	293575	Fixed
samba	c9f2	4.14.14-alt0.c9.1	4.14.14-alt0.c9.1	ALT-PU-2023-1616-1	316738	Fixed
samba	p11	4.14.11-alt1	4.20.1-alt1	ALT-PU-2022-1004-1	291871	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://bugzilla.samba.org/show_bug.cgi?id=14694	Issue Tracking Patch Vendor Advisory
https://gitlab.com/samba-team/samba/-/commit/e1ab0c43629686d1d2c0b0b2bcdc90057a792049	Patch Third Party Advisory
https://gitlab.com/samba-team/samba/-/commit/5f0590362c5c0c5ee20503a67467f9be2d50e73b	Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2077533	Issue Tracking Patch Third Party Advisory
https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803	Patch Third Party Advisory
https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393	Patch Third Party Advisory
https://gitlab.com/samba-team/samba/-/commit/1d5b155619bc532c46932965b215bd73a920e56f	Patch Third Party Advisory
https://gitlab.com/samba-team/samba/-/commit/2b3af3b560c9617a233c131376c870fce146c002	Patch Third Party Advisory
https://gitlab.com/samba-team/samba/-/commit/dcfcafdbf756e12d9077ad7920eea25478c29f81	Patch Third Party Advisory
https://security.gentoo.org/glsa/202309-06

Affected configurations:
1. Configuration 1
  cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
  Start including
  4.1.0
  
  Configuration 2
  cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*
  cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla

Version: v24.5.3