Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2023-34967
PUBLISHED
More InfoOfficial Page
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
View Known Exploited Vulnerability (KEV) details
Published At-20 Jul, 2023 | 14:57
Updated At-20 Nov, 2025 | 17:29
Rejected At-
▼CVE Numbering Authority (CNA)
Samba: type confusion in mdssvc rpc service for spotlight

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/a:redhat:enterprise_linux:8::crb
  • cpe:/a:redhat:enterprise_linux:8::appstream
  • cpe:/o:redhat:enterprise_linux:8::baseos
Default Status
affected
Versions
Unaffected
  • From 0:4.18.6-1.el8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/a:redhat:enterprise_linux:8::crb
  • cpe:/a:redhat:enterprise_linux:8::appstream
  • cpe:/o:redhat:enterprise_linux:8::baseos
Default Status
affected
Versions
Unaffected
  • From 0:4.18.6-1.el8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8.6 Extended Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/o:redhat:rhel_eus:8.6::baseos
  • cpe:/o:redhat:rhev_hypervisor:4.4::el8
  • cpe:/a:redhat:rhel_eus:8.6::crb
  • cpe:/a:redhat:rhel_eus:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:4.15.5-15.el8_6 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8.8 Extended Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/a:redhat:rhel_eus:8.8::appstream
  • cpe:/o:redhat:rhel_eus:8.8::baseos
  • cpe:/a:redhat:rhel_eus:8.8::crb
Default Status
affected
Versions
Unaffected
  • From 0:4.17.5-5.el8_8 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/a:redhat:enterprise_linux:9::resilientstorage
  • cpe:/a:redhat:enterprise_linux:9::appstream
  • cpe:/o:redhat:enterprise_linux:9::baseos
  • cpe:/a:redhat:enterprise_linux:9::crb
Default Status
affected
Versions
Unaffected
  • From 0:4.18.6-100.el9 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/a:redhat:enterprise_linux:9::resilientstorage
  • cpe:/a:redhat:enterprise_linux:9::appstream
  • cpe:/o:redhat:enterprise_linux:9::baseos
  • cpe:/a:redhat:enterprise_linux:9::crb
Default Status
affected
Versions
Unaffected
  • From 0:4.18.6-100.el9 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/o:redhat:rhel_eus:8.6::baseos
  • cpe:/o:redhat:rhev_hypervisor:4.4::el8
  • cpe:/a:redhat:rhel_eus:8.6::crb
  • cpe:/a:redhat:rhel_eus:8.6::appstream
Default Status
affected
Versions
Unaffected
  • From 0:4.15.5-15.el8_6 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 6
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/o:redhat:enterprise_linux:6
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 6
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba4
CPEs
  • cpe:/o:redhat:enterprise_linux:6
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Storage 3
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
samba
CPEs
  • cpe:/a:redhat:storage:3
Default Status
unknown
Problem Types
TypeCWE IDDescription
CWECWE-843Access of Resource Using Incompatible Type ('Type Confusion')
Type: CWE
CWE ID: CWE-843
Description: Access of Resource Using Incompatible Type ('Type Confusion')
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Metrics Other Info
Red Hat severity rating
value:
Moderate
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds

As a possible workaround, disable Spotlight by removing all configuration stanzas ("spotlight=yes|true") that enable Spotlight .

Exploits
Credits
Timeline
EventDate
Reported to Red Hat.2023-07-13 00:00:00
Made public.2023-07-19 00:00:00
Event: Reported to Red Hat.
Date: 2023-07-13 00:00:00
Event: Made public.
Date: 2023-07-19 00:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/errata/RHSA-2023:6667
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7139
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0423
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0580
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-34967
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2222794
issue-tracking
x_refsource_REDHAT
https://www.samba.org/samba/security/CVE-2023-34967.html
N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2023:6667
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2023:7139
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2024:0423
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2024:0580
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/security/cve/CVE-2023-34967
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2222794
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://www.samba.org/samba/security/CVE-2023-34967.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/errata/RHSA-2023:6667
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2023:7139
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2024:0423
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2024:0580
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/security/cve/CVE-2023-34967
vdb-entry
x_refsource_REDHAT
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=2222794
issue-tracking
x_refsource_REDHAT
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/
x_transferred
https://security.netapp.com/advisory/ntap-20230731-0010/
x_transferred
https://www.debian.org/security/2023/dsa-5477
x_transferred
https://www.samba.org/samba/security/CVE-2023-34967.html
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2023:6667
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2023:7139
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2024:0423
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2024:0580
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/security/cve/CVE-2023-34967
Resource:
vdb-entry
x_refsource_REDHAT
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2222794
Resource:
issue-tracking
x_refsource_REDHAT
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/
Resource:
x_transferred
Hyperlink: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20230731-0010/
Resource:
x_transferred
Hyperlink: https://www.debian.org/security/2023/dsa-5477
Resource:
x_transferred
Hyperlink: https://www.samba.org/samba/security/CVE-2023-34967.html
Resource:
x_transferred
Details not found