Educause Security Discussion mailing list archives

"Badlock" SMB vulnerability to be patched April 12


From: Alex Keller <axkeller () STANFORD EDU>
Date: Fri, 25 Mar 2016 08:05:45 +0000

Discovered by Stefan Metzmacher of the Samba core team, who advises "Please get yourself ready to patch all systems on 
this day. We are pretty sure that there will be exploits soon after we publish all relevant information". Stefan's 
colleague Johannes Loxen tweets "#badlock means admin accounts for everybody on the same LAN". Vulnerability apparently 
affects SMB implementation in both Samba and Windows. Researcher David Litchfield speculates "Due to the name 
'Badlock,' I'm guessing controllable memory write after file handle invalidated on broken lock over CIFS".

Scant details:
http://www.theregister.co.uk/2016/03/22/badlock_bug
https://isc.sans.edu/diary/Getting+Ready+for+Badlock/20877

Heartbleed-style disclosure site and logo:
http://badlock.org

Kaminsky weighs in on the hype:
http://www.wired.com/2016/03/hype-around-mysterious-badlock-bug-raises-criticism/

Courtesy of SANS handler on duty Johannes Ullrich, Stefan Metzmacher includes a curious comment in Samba's lock.c: 
/* this is quite bizarre - the spec says we must lie about the length! */ 
https://github.com/ccrisan/samba/blob/master/source4/libcli/smb2/lock.c

...hat tip to Tomáš F. for the heads-up.


Alex Keller
Stanford | Engineering
Information Technology
axkeller () stanford edu
(650)736-6421

