Fellow Linux admins-
Linux admins have used Samba for decades to share files with their Windows desktops, including in enterprises where Active Directory is in place. First developed by Andrew Tridgell (known as Tridge to his friends) in 1991, Samba addressed a significant need for sharing resources in mixed-OS environments. However, a privilege escalation attack has the potential for widespread impact because it affects a core network and resource management component. Let's discuss how you can mitigate the latest high-severity vulnerability in how Samba manages access controls for newly created objects within Active Directory.
Reported as CVE-2023-3961, this vuln affects only Samba installations configured as AD Domain Controllers. It's fascinating how admins with object creation permissions can allow attackers to modify sensitive attributes of AD objects and escalate their privileges. This can lead to severe actions like adding/removing users, changing policies, or even shutting down the network. Read on to learn how to mitigate these issues and protect your users.
You'll also learn about a significant denial of service (DoS) issue recently patched by Intel that could result in downtime, service disruptions, and revenue or credibility losses for your organization.
If you found value in today’s newsletter, please share it with your friends! Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from passionate, insightful community members who share our love for Linux and security!
Stay safe out there,
Samba

The Discovery
A critical vulnerability in the Samba Active Directory (AD) (CVE-2023-3961) was recently found, allowing attackers to gain elevated privileges and seize control of entire domains.

The Impact
Attackers could exploit this bug to access your domain and escalate their privileges. This could enable them to take unwarranted actions such as adding or removing users, changing policies, or even shutting down an entire network.

The Fix
An important Samba bug fix has been released to mitigate this issue. We strongly recommend that all impacted users patch immediately to protect their Linux systems and networks against unauthorized access and compromise.
Intel Microcode

The Discovery
Intel recently patched a significant denial of service (DoS) issue that could impact specific 4th and 5th Generation Xeon Scalable processors. If exploited, these faulty finite state machines (FSMs) within hardware logic could allow malicious actors to cause denial of service conditions that disrupt regular system operation.

The Impact
This flaw poses a significant threat, especially in environments that depend on uptime and availability, such as server environments or cloud infrastructure utilizing Intel Xeon processors. Interruptions due to a DoS attack could result in downtime, service disruptions, and revenue or credibility losses for an organization.

The Fix
Intel has issued critical updates to its CPU microcode to mitigate this bug. We urge admins to patch their systems immediately to protect against downtime due to service disruption.