Access denied if the share path is "/"
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
samba | Unknown | Unknown | |
samba (Debian) | Fix Released | Unknown | |
samba (Ubuntu) | Fix Released | Medium | Marc Deslauriers |
Precise | Fix Released | Medium | Marc Deslauriers |
Trusty | Fix Released | Medium | Marc Deslauriers |
Wily | Fix Released | Medium | Marc Deslauriers |
Bug Description
[Impact]
* User is denied access when trying to access a share "/"
[Test Case]
* Set up a Samba server
* Add a share with path "/"
* Try to access the share
[Regression Potential]
* This has been introduced upstream by security patch CVE-2015-5252.
* It has been already fixed upstream.
* This is just a backport of the fix.
[Other Info]
* Original bug description:
The fix for bug #11395 / CVE-2015-5252
https:/
locked down the path checks in check_reduced_
The new checks do not correctly treat a corner case though: the case of the share path being "/". (Important e.g. for using the glusterfs VFS module.)
In this case all operations after tree connect get ACCESS_DENIED.
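An added illustration of the corner case described above (not Samba's code and not part of the original report). It assumes the tightened check is a prefix match followed by a separator test, which the page does not show; the function names are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers, not Samba source. Both assume "root" and
 * "resolved" are canonical absolute paths, and that root has no
 * trailing slash unless it is exactly "/". */

/* Strict form: after the root prefix the next byte must be '/' or NUL,
 * so "/srv/share2" is not mistaken for a child of "/srv/share". */
static bool under_root_strict(const char *root, const char *resolved)
{
    size_t n = strlen(root);

    if (strncmp(root, resolved, n) != 0)
        return false;
    return resolved[n] == '/' || resolved[n] == '\0';
}

/* Corrected form: a root of "/" already ends in the separator, so every
 * absolute path lies inside it and the boundary test must be skipped. */
static bool under_root_fixed(const char *root, const char *resolved)
{
    if (resolved[0] != '/')
        return false;
    if (strcmp(root, "/") == 0)
        return true;
    return under_root_strict(root, resolved);
}

int main(void)
{
    /* Constructed sample inputs: {share root, resolved path}. */
    const char *cases[][2] = {
        { "/srv/share", "/srv/share/file" },
        { "/srv/share", "/srv/share2/file" },
        { "/",          "/etc/hosts" },
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("root=%-11s path=%-17s strict=%d fixed=%d\n",
               cases[i][0], cases[i][1],
               under_root_strict(cases[i][0], cases[i][1]),
               under_root_fixed(cases[i][0], cases[i][1]));
    return 0;
}
```

With a root of "/", the strict form inspects the first byte of the next path component instead of a separator, which is why everything below the share root is refused while sibling-directory escapes are still blocked in both forms.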
CVE References
tags: added: sts
Changed in samba (Ubuntu Precise):
status: New → Confirmed
Changed in samba (Ubuntu Trusty):
status: New → Confirmed
Changed in samba (Ubuntu Wily):
status: New → Confirmed
Changed in samba (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
Changed in samba (Ubuntu Precise):
importance: Undecided → Medium
Changed in samba (Ubuntu Trusty):
importance: Undecided → Medium
Changed in samba (Ubuntu Wily):
importance: Undecided → Medium
Changed in samba (Ubuntu):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in samba (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in samba (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in samba (Ubuntu Wily):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in samba (Debian):
status: Unknown → New
Changed in samba (Debian):
status: New → Confirmed
Changed in samba (Debian):
status: Confirmed → Fix Released
Debdiff for Xenial.