CVE-2021-23192 log

Source
Severity Medium
Remote Yes
Type Insufficient validation
Description
A security issue has been found in Samba versions 4.10.0 to 4.15.1. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements.
Group Package Affected Fixed Severity Status Ticket
AVG-2538 samba 4.15.1-1 4.15.2-1 Medium Fixed
References
https://www.samba.org/samba/security/CVE-2021-23192.html
https://www.samba.org/samba/ftp/patches/security/samba-4.15.1-security-2021-11-09.patch
Notes
Workaround
==========

Setting "dcesrv:max auth states=0" in the smb.conf will provide some mitigation against this issue.

There are no known problems with this change as NT4 classic domain controller, domain member or standalone server.

But it disables "Security Context Multiplexing" and may reopen https://bugzilla.samba.org/show_bug.cgi?id=11892. which means domain members running things like Cisco ISE or VMWare View may no longer work. This applies only to active directory domain controllers.