===========================================================
== Subject:     RC4/HMAC-MD5 NetLogon Secure Channel is weak and
==              should be avoided
==
== CVE ID#:     CVE-2022-38023
==
== Versions:    All versions of Samba
==
== Summary:     The "RC4" protection of the NetLogon Secure channel uses the
==              same algorithms as rc4-hmac cryptography in Kerberos,
==              and so must also be assumed to be weak.
===========================================================

===========
Description
===========

This is Samba's response to Microsoft's CVE-2022-38023[1][2].

Following RFC8429 and as we are assuming for CVE-2022-3938, rc4-hmac (also
known as arcfour-hmac-md5) cryptography in Kerberos is weak, so it follows
that the RC4 mode in the NETLOGON Secure Channel (DCE/RPC bulk encryption)
is also weak, as they are (essentially) the same cipher.

Therefore we must disable this cipher. In this patch we achieve this by
setting 'reject md5 clients = yes' and 'reject md5 servers = yes' by default.

Thankfully this cipher is unused by most modern member servers, including
Windows 8 / Windows 2008R2 and later; however, public documentation
suggests[1] that NetApp ONTAP still uses RC4 (HMAC-MD5).

The following smb.conf:

 reject md5 clients = yes
 server reject md5 schannel:triceratops$ = no
 server reject md5 schannel:greywacke$ = no

will allow only "triceratops$" and "greywacke$" to use RC4 (HMAC-MD5)
cryptography.

Additionally we extend the default to require a fully encrypted NETLOGON
secure channel. Encryption of the secure channel not only provides overall
privacy (particularly against attacks on the individually encrypted elements
within the NETLOGON protocol), it also strengthens the RC4 (HMAC-MD5) cipher.

Clients that do not support NETLOGON Secure Channel encryption can be
exempted in a similar way.

The following smb.conf:

 server schannel require seal = yes
 server schannel require seal:triceratops$ = no
 server schannel require seal:greywacke$ = no

will allow only "triceratops$" and "greywacke$" to avoid encrypted schannel
and operate with signing-only schannel.

==================
Patch Availability
==================

Patches addressing both these issues have been posted to:

 https://www.samba.org/samba/security/

Additionally, Samba $VERSIONS have been issued as security releases to
correct the defect. Samba administrators are advised to upgrade to these
releases or apply the patch as soon as possible.

==================
CVSSv3 calculation
==================

CVSS:v3.1:AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H (8.1)

====================
Workaround and notes
====================

Setting 'reject md5 clients' (on DCs) and 'reject md5 servers' (on member
servers) will avoid this vulnerable protocol.

Regarding the encryption requirement, thankfully Samba addressed the
SamLogon NTLM session key disclosure issue in CVE-2016-2111.

On the AD DC with JSON audit logs, we can find domain member servers that
use AES (HMAC-SHA256) vs RC4 (HMAC-MD5) via the passwordType element.

Note that unimportant keys have been dropped for brevity:

{
  "type": "Authentication",
  "Authentication": {
    "remoteAddress": "ipv4:10.53.57.29:37589",
    "serviceDescription": "NETLOGON",
    "authDescription": "ServerAuthenticate",
    "clientAccount": "LOCALADMEMBER$",
    "becameSid": "S-1-5-21-626540054-1513162547-2555510494-1114",
    "passwordType": "HMAC-SHA256"
  }
}

{
  "type": "Authentication",
  "Authentication": {
    "remoteAddress": "ipv4:10.53.57.11:37767",
    "serviceDescription": "NETLOGON",
    "authDescription": "ServerAuthenticate",
    "clientAccount": "samlogontest$",
    "becameSid": "S-1-5-21-626540054-1513162547-2555510494-1115",
    "passwordType": "HMAC-MD5"
  }
}

==========
References
==========

[1] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023
[2] https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25
[3] https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Microsoft_Security_Advisory%3A_CVE-2020-1472_impact_on_NetApp_appliance_running_CIFS_NFS_utilizing_Netlogon_servers

=======
Credits
=======

Microsoft reported this issue at
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023

Patches provided by Stefan Metzmacher of SerNet and the Samba team.
Advisory written by Andrew Bartlett of Catalyst and the Samba Team.

==========================================================
== Our Code, Our Bugs, Our Responsibility.
== The Samba Team
==========================================================
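The "Workaround and notes" section above points at the passwordType element of the AD DC's JSON audit log as the way to find member servers still on RC4 (HMAC-MD5). As an added example, not part of this advisory or of Samba's own code, the following Python script scans such log lines for NETLOGON records negotiating HMAC-MD5 and emits the smb.conf exemption lines in the advisory's form, so that 'reject md5 clients = yes' can be enabled without cutting off known hosts. The log lines are constructed samples shaped like the records shown above; it is assumed that each log line carries one JSON object, possibly behind a text prefix such as a timestamp.

```python
import json
from collections import defaultdict

# Constructed sample log lines in the shape of the advisory's JSON audit records
# (unrelated keys dropped, as in the advisory). One JSON object per line is assumed.
SAMPLE_LOG = """\
{"type": "Authentication", "Authentication": {"remoteAddress": "ipv4:10.53.57.29:37589", "serviceDescription": "NETLOGON", "authDescription": "ServerAuthenticate", "clientAccount": "LOCALADMEMBER$", "passwordType": "HMAC-SHA256"}}
{"type": "Authentication", "Authentication": {"remoteAddress": "ipv4:10.53.57.11:37767", "serviceDescription": "NETLOGON", "authDescription": "ServerAuthenticate", "clientAccount": "samlogontest$", "passwordType": "HMAC-MD5"}}
{"type": "Authentication", "Authentication": {"remoteAddress": "ipv4:10.53.57.11:37790", "serviceDescription": "NETLOGON", "authDescription": "ServerAuthenticate", "clientAccount": "samlogontest$", "passwordType": "HMAC-MD5"}}
{"type": "Authentication", "Authentication": {"remoteAddress": "ipv4:10.53.57.40:40012", "serviceDescription": "SMB2", "authDescription": "NTLMSSP", "clientAccount": "alice", "passwordType": "NTLMv2"}}
"""

def netlogon_md5_clients(log_text):
    """Map each clientAccount that authenticated to NETLOGON with the RC4
    (HMAC-MD5) secure channel to the set of remote addresses it came from."""
    found = defaultdict(set)
    for line in log_text.splitlines():
        start = line.find("{")  # tolerate a timestamp or other text prefix (assumption)
        if start < 0:
            continue
        try:
            rec = json.loads(line[start:])
        except json.JSONDecodeError:
            continue  # not an audit record, skip it
        auth = rec.get("Authentication")
        if rec.get("type") != "Authentication" or not isinstance(auth, dict):
            continue
        if auth.get("serviceDescription") != "NETLOGON":
            continue  # other services report unrelated passwordType values (e.g. NTLMv2)
        if auth.get("passwordType") != "HMAC-MD5":
            continue  # HMAC-SHA256 means an AES secure channel, which is fine
        found[auth.get("clientAccount", "<unknown>")].add(auth.get("remoteAddress", "<unknown>"))
    return dict(found)

def exemption_lines(md5_clients):
    """smb.conf lines in the advisory's form: keep the secure default and
    exempt only the accounts observed still using RC4 (HMAC-MD5)."""
    lines = ["reject md5 clients = yes"]
    for account in sorted(md5_clients):
        lines.append(f"server reject md5 schannel:{account} = no")
    return lines

if __name__ == "__main__":
    md5 = netlogon_md5_clients(SAMPLE_LOG)
    for account, addrs in sorted(md5.items()):
        print(f"{account} still negotiates RC4 (HMAC-MD5) from {', '.join(sorted(addrs))}")
    print("\n".join(exemption_lines(md5)))
```

Each exempted account should be upgraded or replaced and its exemption line removed once the audit log no longer shows HMAC-MD5 for it.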