Projects
openEuler:20.03:LTS:SP3
samba
_service:tar_scm_kernel_repo:backport-0004-CVE-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-0004-CVE-2021-3738-s4-rpc_server-lsa-make-use-of-dcesrv_s.patch of Package samba
From 79d62d83e23fe5969cb432262ab9addad59a3b8d Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher <metze@samba.org> Date: Thu, 5 Aug 2021 14:24:25 +0200 Subject: [PATCH 264/266] CVE-2021-3738 s4:rpc_server/lsa: make use of Conflict: NA Reference: https://git.samba.org/samba.git/?p=samba.git;a=patch;h=79d62d83e23fe5969cb432262ab9addad59a3b8d dcesrv_samdb_connect_as_user() helper This avoids a crash that's triggered by windows clients using handles from OpenPolicy[2]() on across multiple connections within an association group. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> --- source4/rpc_server/lsa/lsa_init.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/source4/rpc_server/lsa/lsa_init.c b/source4/rpc_server/lsa/lsa_init.c index f33b61c4035..400c5093079 100644 --- a/source4/rpc_server/lsa/lsa_init.c +++ b/source4/rpc_server/lsa/lsa_init.c @@ -71,12 +71,7 @@ NTSTATUS dcesrv_lsa_get_policy_state(struct dcesrv_call_state *dce_call, } /* make sure the sam database is accessible */ - state->sam_ldb = samdb_connect(state, - dce_call->event_ctx, - dce_call->conn->dce_ctx->lp_ctx, - session_info, - dce_call->conn->remote_address, - 0); + state->sam_ldb = dcesrv_samdb_connect_as_user(state, dce_call); if (state->sam_ldb == NULL) { return NT_STATUS_INVALID_SYSTEM_SERVICE; } -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.