{
  "threat_severity" : "Moderate",
  "public_date" : "2021-11-09T00:00:00Z",
  "bugzilla" : {
    "description" : "samba: Subsequent DCE/RPC fragment injection vulnerability",
    "id" : "2019666",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2019666"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
    "status" : "verified"
  },
  "details" : [ "A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.", "A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with             their own data, bypassing the signature requirements." ],
  "acknowledgement" : "Red Hat would like to thank Stefan Metzmacher (SerNet) for reporting this issue. Upstream acknowledges the Samba project as the original reporter.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-12-13T00:00:00Z",
    "advisory" : "RHSA-2021:5082",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "samba-0:4.14.5-7.el8_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2021-12-13T00:00:00Z",
    "advisory" : "RHSA-2021:5082",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "samba-0:4.14.5-7.el8_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support",
    "release_date" : "2022-01-04T00:00:00Z",
    "advisory" : "RHSA-2022:0008",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.4",
    "package" : "samba-0:4.13.3-8.el8_4"
  }, {
    "product_name" : "Red Hat Gluster Storage 3.5 for RHEL 8",
    "release_date" : "2021-11-29T00:00:00Z",
    "advisory" : "RHSA-2021:4843",
    "cpe" : "cpe:/a:redhat:storage:3.5:samba:el8",
    "package" : "samba-0:4.14.5-204.el8rhgs"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "samba",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "samba",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "samba",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-23192\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-23192\nhttps://www.samba.org/samba/security/CVE-2021-23192.html" ],
  "name" : "CVE-2021-23192",
  "mitigation" : {
    "value" : "Setting \n~~~\ndcesrv:max auth states=0\n~~~\nin the smb.conf will provide some mitigation against this issue.",
    "lang" : "en:us"
  },
  "csaw" : false
}