{
  "threat_severity" : "Moderate",
  "public_date" : "2019-04-09T00:00:00Z",
  "bugzilla" : {
    "description" : "samba: save registry file outside share as unprivileged user",
    "id" : "1691518",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1691518"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.2",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-22",
  "details" : [ "A flaw was found in the way Samba implemented an RPC endpoint emulating the Windows registry service API. An authenticated but otherwise unprivileged user could use this flaw to create a new registry hive file anywhere they have Unix write permissions, which can include paths outside the exported Samba share (path traversal, CWE-22). Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable.", "A flaw was found in the way Samba implemented an RPC endpoint emulating the Windows registry service API. An authenticated but otherwise unprivileged user could use this flaw to create a new registry hive file anywhere they have Unix write permissions, which can include paths outside the exported Samba share." ],
  "statement" : "This issue affects the version of samba shipped with Red Hat Gluster Storage 3, as it contains the vulnerable functionality.",
  "acknowledgement" : "Red Hat would like to thank Michael Hanselmann for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2019-08-06T00:00:00Z",
    "advisory" : "RHSA-2019:2099",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "samba-0:4.9.1-6.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2019-11-05T00:00:00Z",
    "advisory" : "RHSA-2019:3582",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "samba-0:4.10.4-1.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2019-11-05T00:00:00Z",
    "advisory" : "RHSA-2019:3582",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "samba-0:4.10.4-1.el8"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.4 for RHEL 6",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1967",
    "cpe" : "cpe:/a:redhat:storage:3.4:samba:el6",
    "package" : "libtalloc-0:2.1.14-3.el6rhs"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.4 for RHEL 6",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1967",
    "cpe" : "cpe:/a:redhat:storage:3.4:samba:el6",
    "package" : "libtdb-0:1.3.16-3.el6rhs"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.4 for RHEL 6",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1967",
    "cpe" : "cpe:/a:redhat:storage:3.4:samba:el6",
    "package" : "libtevent-0:0.9.37-3.el6rhs"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.4 for RHEL 6",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1967",
    "cpe" : "cpe:/a:redhat:storage:3.4:samba:el6",
    "package" : "samba-0:4.9.8-105.el6rhs"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.4 for RHEL 7",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1966",
    "cpe" : "cpe:/a:redhat:storage:3.4:samba:el7",
    "package" : "libtalloc-0:2.1.14-3.el7rhgs"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.4 for RHEL 7",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1966",
    "cpe" : "cpe:/a:redhat:storage:3.4:samba:el7",
    "package" : "libtdb-0:1.3.16-3.el7rhgs"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.4 for RHEL 7",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1966",
    "cpe" : "cpe:/a:redhat:storage:3.4:samba:el7",
    "package" : "libtevent-0:0.9.37-3.el7rhgs"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.4 for RHEL 7",
    "release_date" : "2019-07-30T00:00:00Z",
    "advisory" : "RHSA-2019:1966",
    "cpe" : "cpe:/a:redhat:storage:3.4:samba:el7",
    "package" : "samba-0:4.9.8-105.el7rhgs"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "samba",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "samba",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "samba4",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "redhat-virtualization-host",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-3880\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-3880\nhttps://www.samba.org/samba/security/CVE-2019-3880.html" ],
  "name" : "CVE-2019-3880",
  "mitigation" : {
    "value" : "Either turn off SMB1 by setting the global parameter:\n'min protocol = SMB2'\nor, if SMB1 is required, turn off Unix extensions by setting the global parameter:\n'unix extensions = no'\nin the smb.conf file. These settings are a workaround only; the fix is to update to the corrected samba packages listed in the affected releases.",
    "lang" : "en:us"
  },
  "csaw" : false
}