Issued: Wednesday, 2 February, 2022 |
Last Revision: Wednesday, 2 February, 2022 |
Vendor: |
Product: |
Severity Level: |
The Samba has patched a critical heap read-write vulnerability that allow remote attackers to execute arbitrary code as root on affected installations of Samba that use the VFS module vfs_fruit.
In vfs_fruit, the issue is caused by the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file. When both options are set to a setting other than default values, the issue does not occur with the vfs_fruit module. In Samba server daemon (smbd), the flaw exists within the parsing of EA metadata during file opening.
In order to exploit this vulnerability, access from a user with write access to the file's extended attributes is required. Note that this could be an unauthenticated user or a guest if such users are allowed to write to files' extended attributes.
Basically, Samba allows Windows and Linux/Unix-based hosts to share files and printing services across a network, providing cross-platform file sharing and printing services. All versions of Samba prior to 4.13.17 are vulnerable.
CVE/Vulnerability | Description | CVSS3.0 Score |
CVE-2021-44142 | Remote Code Execution Vulnerability | 9.9 |
Table 1: Vulnerability details
CVE/Vulnerability | Affected Product(s) |
CVE-2021-44142 | All versions of Samba prior to 4.13.17 |
Table 2: Vulnerable versions
Samba releases 4.13.17, 4.14.12, and 4.15.5 were issued to fix the vulnerability. Organizations are encouraged to upgrade to these releases or apply the patch as soon as possible due to its wider use.