CVE-2021-20254

A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity.

Published: May 5, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-20254
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.8
AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS v2:

Severity: Low
Score: 4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
samba / samba	4.14.0	4.14.4
samba / samba	4.13.0	4.13.8
samba / samba	3.6.0	4.12.15
fedoraproject / fedora	32	32.x
fedoraproject / fedora	33	33.x
redhat / enterprise_linux	7.0	7.0.x
redhat / enterprise_linux	8.0	8.0.x
debian / debian_linux	9.0	9.0.x

Vulnerability Database

289,599

CVE-2021-20254