Unrated severityNVD Advisory· Published Mar 2, 2022· Updated Aug 3, 2024
CVE-2021-23192
CVE-2021-23192
Description
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24(expand)+ 1 more
- (no CPE)
- (no CPE)
- osv-coords22 versionspkg:rpm/almalinux/libsmbclient-develpkg:rpm/almalinux/libwbclient-develpkg:rpm/almalinux/samba-develpkg:rpm/almalinux/samba-vfs-iouringpkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/samba&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ldb&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/ldb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/samba&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 4.14.5-7.el8_5+ 21 more
- (no CPE)range: < 4.14.5-7.el8_5
- (no CPE)range: < 4.14.5-7.el8_5
- (no CPE)range: < 4.14.5-7.el8_5
- (no CPE)range: < 4.14.5-7.el8_5
- (no CPE)range: < 2.2.2-3.3.1
- (no CPE)range: < 4.11.14+git.308.666c63d4eea-lp152.3.28.1
- (no CPE)range: < 4.13.13+git.528.140935f8d6a-3.12.1
- (no CPE)range: < 4.15.2+git.193.a4d6307f1fd-1.1
- (no CPE)range: < 2.2.2-4.6.1
- (no CPE)range: < 2.2.2-3.3.1
- (no CPE)range: < 2.2.2-3.3.1
- (no CPE)range: < 4.13.13+git.545.5897c2d94f3-3.12.1
- (no CPE)range: < 4.10.18+git.339.c912385a5e1-3.41.1
- (no CPE)range: < 4.11.14+git.308.666c63d4eea-4.28.1
- (no CPE)range: < 4.13.13+git.528.140935f8d6a-3.12.1
- (no CPE)range: < 4.11.14+git.308.666c63d4eea-4.28.1
- (no CPE)range: < 4.13.13+git.528.140935f8d6a-3.12.1
- (no CPE)range: < 4.11.14+git.308.666c63d4eea-4.28.1
- (no CPE)range: < 4.13.13+git.528.140935f8d6a-3.12.1
- (no CPE)range: < 4.10.18+git.339.c912385a5e1-3.41.1
- (no CPE)range: < 4.10.18+git.339.c912385a5e1-3.41.1
- (no CPE)range: < 4.10.18+git.339.c912385a5e1-3.41.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.