==================================================================== == Subject: Server heap memory information leak. == == CVE ID#: CVE-2017-15275 == == Versions: All versions of Samba from 3.6.0 onwards. == == Summary: The server may return the contents of heap == allocated memory to the client. == ==================================================================== =========== Description =========== All versions of Samba from 3.6.0 onwards are vulnerable to a heap memory information leak, where server allocated heap memory may be returned to the client without being cleared. There is no known vulnerability associated with this error, but uncleared heap memory may contain previously used data that may help an attacker compromise the server via other methods. Uncleared heap memory may potentially contain password hashes or other high-value data. ================== Patch Availability ================== A patch addressing this defect has been posted to http://www.samba.org/samba/security/ Additionally, Samba 4.7.3, 4.6.11 and 4.5.15 have been issued as security releases to correct the defect. Patches against older Samba versions are available at http://samba.org/samba/patches/. Samba vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible. ========== Workaround ========== None. ======= Credits ======= This problem was found by Volker Lendecke of SerNet and the Samba Team. Jeremy Allison of Google and the Samba Team provided the fix.