CVE-2023-42669

Publication date 10 October 2023

Last updated 24 July 2024


Ubuntu priority

Cvss 3 Severity Score

6.5 · Medium

Score breakdown

A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task.

Status

Package Ubuntu Release Status
samba 24.10 oracular
Fixed 2:4.18.6+dfsg-1ubuntu2.1
24.04 LTS noble
Fixed 2:4.18.6+dfsg-1ubuntu2.1
23.10 mantic
Fixed 2:4.18.6+dfsg-1ubuntu2.1
23.04 lunar
Fixed 2:4.17.7+dfsg-1ubuntu2.3
22.04 LTS jammy
Fixed 2:4.15.13+dfsg-0ubuntu1.5
20.04 LTS focal
Fixed 2:4.15.13+dfsg-0ubuntu0.20.04.6
18.04 LTS bionic
Needs evaluation
16.04 LTS xenial
Needs evaluation
14.04 LTS trusty Ignored end of ESM support, was needs-triage

Severity score breakdown

Parameter Value
Base score 6.5 · Medium
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

Other references