Home > Vulnerability Database > CVE-2023-34967

Mend.io Vulnerability Database

CVE-2023-34967

Good to know:

Date: July 20, 2023

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.

Language: C

Severity Score

5.3

Related Resources (14)

Url: https://access.redhat.com/errata/RHSA-2023:6667

Url: https://security.netapp.com/advisory/ntap-20230731-0010/

Url: https://access.redhat.com/errata/RHSA-2024:0580

Url: https://access.redhat.com/errata/RHSA-2023:7139

Url: https://www.debian.org/security/2023/dsa-5477

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-34967

Url: https://access.redhat.com/security/cve/CVE-2023-34967

Url: https://security-tracker.debian.org/tracker/CVE-2023-34967

Url: https://www.samba.org/samba/security/CVE-2023-34967.html

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2222794

Url: https://access.redhat.com/errata/RHSA-2024:0423

Url: https://www.mend.io/vulnerability-database/CVE-2023-34967

Severity Score

5.3

Weakness Type (CWE)

Access of Resource Using Incompatible Type ('Type Confusion')

CWE-843

Top Fix

Upgrade Version

Upgrade to version samba-4.16.11,samba-4.17.10,samba-4.18.5

Learn More

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2023-34967

Good to know:

Date: July 20, 2023

Language: C

Severity Score

Related Resources (14)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?