Synology-SA-17:72 Samba

Publish Time: 2017-11-21 19:17:51 UTC+8

Last Updated: 2017-11-30 17:44:05 UTC+8

Severity
Important
Status
Ongoing

Abstract

Multiple security vulnerabilities have been found in Samba which allows remote attackers to launch a denial-of-service attack, retrieve sensitive information or possibly execute arbitrary codes from a vulnerable version of Synology DiskStation Manager (DSM) or Synology Router Manager (SRM).

Severity

Affected

  • Products
    • DSM 6.1
    • DSM 6.0
    • DSM 5.2
    • SRM 1.1
  • Models
    • All Synology models

Description

  • CVE-2017-14746
    All versions of Samba from 4.0.0 onwards are vulnerable to a use after free vulnerability, where a malicious SMB1 request can be used to control the contents of heap memory via a deallocated heap pointer. It is possible this may be used to compromise the SMB server.
  • CVE-2017-15275
    All versions of Samba from 3.6.0 onwards are vulnerable to a heap memory information leak, where server allocated heap memory may be returned to the client without being cleared.

Mitigation

For DSM 6.1

  1. Go to Control Panel > File Service > SMB > Advanced Settings, and set Minimum SMB protocol as SMB2.

For DSM 6.0

  1. Go to Control Panel > Applications > Terminal & SNMP, and tick Enable SSH service.
  2. Log in to DSM via SSH as "admin" and execute the following command:
    sudo /usr/bin/sed -i '/min protocol/d' /etc/samba/smb.conf && sudo sh -c "echo 'min protocol=SMB2' >> /etc/samba/smb.conf" && sudo /sbin/restart smbd

For DSM 5.2

  1. Go to Contol Panel > Applications > Terminal & SNMP and tick Enable SSH service.
  2. Log in to DSM via SSH as "root" and execute the following command:
    /bin/sed -i '/min protocol/d' /usr/syno/etc/smb.conf && /bin/sed -i "/\[global\]/a min protocol=SMB2" /usr/syno/etc/smb.conf && /sbin/restart smbd

For SRM 1.1

  1. Go to Control Panel > Services > System Services and tick Enable SSH service.
  2. Log in to SRM via SSH as "root" and execute the following command:
    /bin/sed -i '/min protocol/d' /usr/syno/etc/smb.conf && /bin/sed -i "/\[global\]/a min protocol=SMB2" /usr/syno/etc/smb.conf && /sbin/restart smbd

Update Availability

To fix the security issue, please update DSM 6.1 to 6.1.4-15217-2 or above.

Reference