Ubuntu – the ‘Badlock Bug’

Securityvulnerability

A user on the Ask Ubuntu General Room posted a link to Badlock. After some googling around, all I can find is that it is a mysterious security bug, that uses the same website template as Heartbleed.

I manage Linux Servers, a mysterious security bug does not sit well with me. What exactly is it, and how can I protect my servers from it?

Best Answer

What is BadLock

Badlock is a bug that affects Windows and Samba.

What Can hackers do with this security bug?

Two things:

  • Man-in-the-middle (MITM) attacks:

  • Denial-of-Service (DoS) attacks:

The Badlock CVE is: CVE-2016-2118. There are additional CVEs related to Badlock. Those are:

Which versions of samba are affected

  • 3.6.x,
  • 4.0.x,
  • 4.1.x,
  • 4.2.0-4.2.9,
  • 4.3.0-4.3.6,
  • 4.4.0

Fix:

Download the patches for your version of samba, here:

How bad is Badlock?

The severity of Badlock according to the Common Vulnerability Scoring System (CVSS):

CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C Base: 7.1 (High); Temporal: 6.4 (Medium)

Notes:

With the release of Samba 4.4.0 on March 22nd the 4.1 release branch has been marked DISCONTINUED (see Samba Release Planning)


Further Reading:

Official badlock website:

Links:

Related Question