Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2019-10197

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.

Related bugs and status

CVE-2019-10197 (Candidate) is related to these bugs:

Bug #1842533: CVE-2019-10197 restricted share escape by user

Summary				In	Importance	Status
	1842533	CVE-2019-10197 restricted share escape by user		samba (Ubuntu)	Undecided	Fix Released
	1842533	CVE-2019-10197 restricted share escape by user		samba	Unknown	Unknown

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...
CONFIRM: https://security.netap...
MISC: https://www.samba.org/...
UBUNTU: USN-4121-1
BUGTRAQ: 20190904 [SECURITY] [D...
DEBIAN: DSA-4513
SUSE: openSUSE-SU-2019:2142
FEDORA: FEDORA-2019-e3e521e5b3
FEDORA: FEDORA-2019-eb1e982800
FEDORA: FEDORA-2019-41c7fa478a
CONFIRM: https://support.f5.com...
CONFIRM: https://support.f5.com...
REDHAT: RHSA-2019:3253
REDHAT: RHSA-2019:4023
GENTOO: GLSA-202003-52