CVE-2017-2619 regression breaks symlinks to directories
Bug #1701073 reported by Dave Kettmann
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
samba | Unknown | Unknown | | |
samba (Ubuntu) | Fix Released | High | Andreas Hasenack | |
Xenial | Fix Released | High | Marc Deslauriers | |
Yakkety | Fix Released | High | Marc Deslauriers | |
Zesty | Fix Released | High | Marc Deslauriers | |
Bug Description
Found in current version in Xenial (4.3.11+
To reproduce:
1. Install samba and related dependencies:
    apt install -y samba
2. Add a share at the end of the default file that uses '/' as the path:
    [reproducer]
    comment = share
    browseable = no
    writeable = yes
    create mode = 0600
    directory mode = 0700
    path = /
3. Attempt to access a symlink somewhere within the path of the share with a Windows client.
4. Receive "Windows cannot access..." related error
Changed in samba (Ubuntu):
importance: Undecided → High
tags: added: xenial
Changed in samba (Ubuntu Xenial):
assignee: nobody → Andreas Hasenack (ahasenack)
Changed in samba (Ubuntu Yakkety):
assignee: nobody → Andreas Hasenack (ahasenack)
Changed in samba (Ubuntu Zesty):
assignee: nobody → Andreas Hasenack (ahasenack)
Changed in samba (Ubuntu Xenial):
status: New → In Progress
Changed in samba (Ubuntu Yakkety):
status: New → In Progress
Changed in samba (Ubuntu Zesty):
status: New → In Progress
Changed in samba (Ubuntu Xenial):
importance: Undecided → High
Changed in samba (Ubuntu Yakkety):
importance: Undecided → High
Changed in samba (Ubuntu Zesty):
importance: Undecided → High
Changed in samba (Ubuntu):
assignee: Andreas Hasenack (ahasenack) → Marc Deslauriers (mdeslaur)
Changed in samba (Ubuntu Xenial):
assignee: Andreas Hasenack (ahasenack) → Marc Deslauriers (mdeslaur)
Changed in samba (Ubuntu Yakkety):
assignee: Andreas Hasenack (ahasenack) → Marc Deslauriers (mdeslaur)
Changed in samba (Ubuntu Zesty):
assignee: Andreas Hasenack (ahasenack) → Marc Deslauriers (mdeslaur)
Changed in samba (Ubuntu):
assignee: Andreas Hasenack (ahasenack) → nobody
status: In Progress → Confirmed
Changed in samba (Ubuntu):
status: Confirmed → In Progress
assignee: nobody → Andreas Hasenack (ahasenack)
Further investigation shows that these regressions seem to be related to this in the upstream source:
https://github.com/samba-team/samba/commits/v4-6-test/source3/smbd/dir.c
This is a series of 7 commits related to the above-referenced CVE in this file.