CVE-2020-25719

Summary

CVE	CVE-2020-25719
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-02-18 18:15:00 UTC
Updated	2023-09-17 09:15:00 UTC
Description	A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.

Risk And Classification

Problem Types: CWE-362

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Canonical	Ubuntu Linux	20.04	All	All	All
Operating System	Canonical	Ubuntu Linux	21.04	All	All	All
Operating System	Canonical	Ubuntu Linux	21.10	All	All	All
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Fedoraproject	Fedora	33	All	All	All
Operating System	Fedoraproject	Fedora	34	All	All	All
Operating System	Fedoraproject	Fedora	35	All	All	All
Operating System	Redhat	Enterprise Linux	7.0	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux Desktop	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Eus	8.2	All	All	All
Operating System	Redhat	Enterprise Linux Eus	8.4	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems	7.0	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems	8.0	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems Eus	8.2	All	All	All
Operating System	Redhat	Enterprise Linux For Ibm Z Systems Eus	8.4	All	All	All
Operating System	Redhat	Enterprise Linux For Power Big Endian	7.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian	7.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian	8.0	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian Eus	8.2	All	All	All
Operating System	Redhat	Enterprise Linux For Power Little Endian Eus	8.4	All	All	All
Operating System	Redhat	Enterprise Linux For Scientific Computing	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Server Aus	8.2	All	All	All
Operating System	Redhat	Enterprise Linux Server Aus	8.4	All	All	All
Operating System	Redhat	Enterprise Linux Server Tus	8.2	All	All	All
Operating System	Redhat	Enterprise Linux Server Tus	8.4	All	All	All
Operating System	Redhat	Enterprise Linux Server Update Services For Sap Solutions	8.2	All	All	All
Operating System	Redhat	Enterprise Linux Server Update Services For Sap Solutions	8.4	All	All	All
Operating System	Redhat	Enterprise Linux Workstation	7.0	All	All	All
Application	Samba	Samba	All	All	All	All

References

Reference	Source	Link	Tags
Samba: Multiple Vulnerabilities (GLSA 202309-06) — Gentoo security	GENTOO	security.gentoo.org
2019732 – (CVE-2020-25719) CVE-2020-25719 samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets	MISC	bugzilla.redhat.com	Issue Tracking, Patch, Third Party Advisory
Samba - Security Announcement Archive	MISC	www.samba.org	Mitigation, Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

159552 Oracle Enterprise Linux Security Update for idm:DL1 (ELSA-2021-5142)
159572 Oracle Enterprise Linux Security Update for ipa (ELSA-2021-5195)
178884 Debian Security Update for samba (DSA 5003-1)
198583 Ubuntu Security Notification for Samba Vulnerability (USN-5142-1)
239963 Red Hat Update for idm:dl1 (RHSA-2021:5142)
239971 Red Hat Update for ipa (RHSA-2021:5195)
239985 Red Hat Update for idm:dl1 (RHSA-2022:0007)
239995 Red Hat Update for idm:dl1 (RHSA-2022:0076)
257138 CentOS Security Update for ipa (CESA-2021:5195)
282091 Fedora Security Update for freeipa (FEDORA-2021-1d77047c61)
282156 Fedora Security Update for freeipa (FEDORA-2021-12af2614da)
296061 Oracle Solaris 11.4 Support Repository Update (SRU) 42.113.1 Missing (CPUJAN2022)
354310 Amazon Linux Security Advisory for samba : ALAS2022-2022-022
354496 Amazon Linux Security Advisory for samba : ALAS2022-2022-224
354550 Amazon Linux Security Advisory for samba : ALAS-2022-224
355574 Amazon Linux Security Advisory for ipa : ALAS2-2023-2149
377272 Alibaba Cloud Linux Security Update for ipa (ALINUX2-SA-2021:0073)
377574 Alibaba Cloud Linux Security Update for idm:dl1 (ALINUX3-SA-2022:0117)
501490 Alpine Linux Security Update for samba
501779 Alpine Linux Security Update for samba
502027 Alpine Linux Security Update for samba
504394 Alpine Linux Security Update for samba
671280 EulerOS Security Update for samba (EulerOS-SA-2022-1246)
671315 EulerOS Security Update for samba (EulerOS-SA-2022-1258)
671372 EulerOS Security Update for samba (EulerOS-SA-2022-1295)
671384 EulerOS Security Update for samba (EulerOS-SA-2022-1311)
690244 Free Berkeley Software Distribution (FreeBSD) Security Update for samba (646923b0-41c7-11ec-a3b2-005056a311d1)
710751 Gentoo Linux Samba Multiple Vulnerabilities (GLSA 202309-06)
751345 OpenSUSE Security Update for samba and ldb (openSUSE-SU-2021:3647-1)
900914 Common Base Linux Mariner (CBL-Mariner) Security Update for samba (8704)
940255 AlmaLinux Security Update for idm:DL1 (ALSA-2021:5142)
960424 Rocky Linux Security Update for idm:DL1 (RLSA-2021:5142)