Samba is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause the application to cause an infinite loop with high CPU usage and memory consumption, denying service to legitimate users.
Samba prior to 4.4.10 and 4.5.x versions prior to 4.5.6 are vulnerable.
Information
Ubuntu Ubuntu Linux 16.10
Ubuntu Ubuntu Linux 16.04 LTS
Ubuntu Ubuntu Linux 14.04 LTS
Samba Samba 4.5.5
Samba Samba 4.5.4
Samba Samba 4.5.1
Samba Samba 4.5
Samba Samba 4.4.9
Samba Samba 4.4.7
Samba Samba 4.4.6
Samba Samba 4.4.1
Samba Samba 4.4
Samba Samba 4.3.7
Samba Samba 4.3.5
Samba Samba 4.3.4
Samba Samba 4.3.3
Samba Samba 4.3.2
Samba Samba 4.3.1
Samba Samba 4.3
Samba Samba 4.2.10
Samba Samba 4.2.8
Samba Samba 4.2.7
Samba Samba 4.2.6
Samba Samba 4.2.5
Samba Samba 4.2.4
Samba Samba 4.2.3
Samba Samba 4.2.2
Samba Samba 4.2.1
Samba Samba 4.2
Samba Samba 4.1.22
Samba Samba 4.1.21
Samba Samba 4.1.20
Samba Samba 4.1.19
Samba Samba 4.1.18
Samba Samba 4.1.17
Samba Samba 4.1.16
Samba Samba 4.1.15
Samba Samba 4.1.14
Samba Samba 4.1.13
Samba Samba 4.1.10
Samba Samba 4.1.9
Samba Samba 4.1.7
Samba Samba 4.1.3
Samba Samba 4.1.2
Samba Samba 4.1.1
Samba Samba 4.1
Samba Samba 4.0.24
Samba Samba 4.0.23
Samba Samba 4.0.21
Samba Samba 4.0.20
Samba Samba 4.0.19
Samba Samba 4.0.18
Samba Samba 4.0.17
Samba Samba 4.0.13
Samba Samba 4.0.12
Samba Samba 4.0.10
Samba Samba 4.0.2
Samba Samba 3.6.24
Samba Samba 3.6.23
Samba Samba 3.6.22
Samba Samba 3.6.21
Samba Samba 3.6.20
Samba Samba 3.6.19
Samba Samba 3.6.12
Samba Samba 3.6.4
Samba Samba 3.6.3
Samba Samba 3.6.2
Samba Samba 3.6.1
Samba Samba 3.6
Samba Samba 3.5.22
Samba Samba 3.5.21
Samba Samba 3.5.16
Samba Samba 3.5.13
Samba Samba 3.5.9
Samba Samba 3.5.8
Samba Samba 3.5.2
Samba Samba 3.5.1
Samba Samba 3.5
Samba Samba 3.4.15
Samba Samba 3.4.14
Samba Samba 3.4.13
Samba Samba 3.4.12
Samba Samba 3.4.11
Samba Samba 3.4.10
Samba Samba 3.4.8
Samba Samba 3.4.7
Samba Samba 3.4.6
Samba Samba 3.4.5
Samba Samba 3.4.2
Samba Samba 3.4.1
Samba Samba 3.4
Samba Samba 3.3.16
Samba Samba 3.3.15
Samba Samba 3.3.14
Samba Samba 3.3.13
Samba Samba 3.3.12
Samba Samba 3.3.11
Samba Samba 3.3.10
Samba Samba 3.3.9
Samba Samba 3.3.8
Samba Samba 3.3.7
Samba Samba 3.3.6
Samba Samba 3.3.5
Samba Samba 3.3.4
Samba Samba 3.3.3
Samba Samba 3.3.1
Samba Samba 3.3
Samba Samba 3.2.15
Samba Samba 3.2.14
Samba Samba 3.2.13
Samba Samba 3.2.12
Samba Samba 3.2.11
Samba Samba 3.2.10
Samba Samba 3.2.7
Samba Samba 3.2.6
Samba Samba 3.2.5
Samba Samba 3.2.4
Samba Samba 3.2.3
Samba Samba 3.2.2
Samba Samba 3.2.1
Samba Samba 3.2
Samba Samba 3.0.37
Samba Samba 3.0.36
Samba Samba 3.0.35
Samba Samba 3.0.34
Samba Samba 3.0.33
Samba Samba 3.0.32
Samba Samba 3.0.31
Samba Samba 3.0.30
Samba Samba 3.0.29
Samba Samba 3.0.28
Samba Samba 3.0.27
Samba Samba 3.0.26
Samba Samba 3.0.25
Samba Samba 3.0.24
Samba Samba 3.0.23
Samba Samba 3.0.22
Samba Samba 3.0.21
Samba Samba 3.0.20
Samba Samba 3.0.19
Samba Samba 3.0.18
Samba Samba 3.0.17
Samba Samba 3.0.16
Samba Samba 3.0.15
Samba Samba 3.0.14
Samba Samba 3.0.13
Samba Samba 3.0.12
Samba Samba 3.0.11
Samba Samba 3.0.10
Samba Samba 3.0.9
Samba Samba 3.0.8
Samba Samba 3.0.7
Samba Samba 3.0.6
Samba Samba 3.0.5
Samba Samba 3.0.4
Samba Samba 3.0.3
Samba Samba 3.0.2
Samba Samba 3.0.1
Samba Samba 3.0
Samba Samba 2.18.3
Samba Samba 2.2.12
Samba Samba 2.2.11
Samba Samba 2.2.10
Samba Samba 2.2.9
Samba Samba 2.2.8
Samba Samba 2.2.7
Samba Samba 2.2.6
Samba Samba 2.2.5
Samba Samba 2.2.4
Samba Samba 2.2.3
Samba Samba 2.2.2
Samba Samba 2.2 .0
Samba Samba 2.0.10
Samba Samba 2.0.9
Samba Samba 2.0.8
Samba Samba 2.0.7
Samba Samba 2.0.6
Samba Samba 2.0.5
Samba Samba 2.0.4
Samba Samba 2.0.3
Samba Samba 2.0.2
Samba Samba 2.0.1
Samba Samba 2.0 .0
Samba Samba 1.9.19
Samba Samba 1.9.18
Samba Samba 1.9.17
Samba Samba 4.5.3
Samba Samba 4.5.2
Samba Samba 4.4.8
Samba Samba 4.4.5
Samba Samba 4.4.4
Samba Samba 4.4.3
Samba Samba 4.4.2
Samba Samba 4.3.9
Samba Samba 4.3.8
Samba Samba 4.3.6
Samba Samba 4.3.13
Samba Samba 4.3.11
Samba Samba 4.3.10
Samba Samba 4.2rc4
Samba Samba 4.2.9
Samba Samba 4.2.14
Samba Samba 4.2.13
Samba Samba 4.2.12
Samba Samba 4.2.11
Samba Samba 4.1.8
Samba Samba 4.1.6
Samba Samba 4.1.5
Samba Samba 4.1.4
Samba Samba 4.1.23
Samba Samba 4.1.12
Samba Samba 4.1.11
Samba Samba 4.0.9
Samba Samba 4.0.8
Samba Samba 4.0.7
Samba Samba 4.0.6
Samba Samba 4.0.5
Samba Samba 4.0.4
Samba Samba 4.0.3
Samba Samba 4.0.22
Samba Samba 4.0.16
Samba Samba 4.0.15
Samba Samba 4.0.14
Samba Samba 4.0.11
Samba Samba 4.0.1
Samba Samba 4.0.0
Samba Samba 3.6.9
Samba Samba 3.6.8
Samba Samba 3.6.7
Samba Samba 3.6.6
Samba Samba 3.6.5
Samba Samba 3.6.18
Samba Samba 3.6.17
Samba Samba 3.6.16
Samba Samba 3.6.15
Samba Samba 3.6.14
Samba Samba 3.6.13
Samba Samba 3.6.11
Samba Samba 3.6.10
Samba Samba 3.5.7
Samba Samba 3.5.6
Samba Samba 3.5.5
Samba Samba 3.5.4
Samba Samba 3.5.3
Samba Samba 3.5.20
Samba Samba 3.5.19
Samba Samba 3.5.18
Samba Samba 3.5.17
Samba Samba 3.5.15
Samba Samba 3.5.14
Samba Samba 3.5.12
Samba Samba 3.5.11
Samba Samba 3.5.10
Samba Samba 3.5
Samba Samba 3.4.9
Samba Samba 3.4.4
Samba Samba 3.4.3
Samba Samba 3.4.17
Samba Samba 3.4.16
Samba Samba 3.3.2
Samba Samba 3.2.9
Samba Samba 3.2.8
Samba Samba 3.1.0
Samba Samba 3.1
Samba Samba 2.2A
Samba Samba 2.2.1
Samba Samba 2.2 A
Redhat Gluster Storage 3.0
Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
IBM SONAS 1.5.2.7
IBM SONAS 1.5.2.5
IBM SONAS 1.5.2.4
IBM SONAS 1.5.2.3
IBM SONAS 1.5.2.2
IBM SONAS 1.5.2.1
IBM SONAS 1.5.2.0
IBM SONAS 1.5.1.3
IBM SONAS 1.5.1.0
IBM SONAS 1.5.0.2
IBM SONAS 1.5.0.1
IBM SONAS 1.5.0.0
Samba Samba 4.4.10
IBM SONAS 1.5.2.8
Exploit
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
References:
- Samba Homepage (Samba)
- Bug 12572 fd_open_atomic() can loop indefinitely when trying to open an invalid (Samba)
- Bug 1459464 - samba: fd_open_atomic infinite loop due to wrong handling of dangl (Redhat)
- CVE-2017-9461 (Redhat)
- Security Bulletin: Security Bulletin: Samba vulnerability affects IBM SONAS (CVE (IBM)
- USN-3348-1: Samba vulnerability (Ubuntu)