
CVE-2021-44142 Samba Vulnerability Allows Code Execution


CVE-2021-44142 Samba Flaw

CVE-2021-44142 is one of several vulnerabilities detected in Samba versions before 4.13.17. The vulnerability is related to an out-of-bounds heap read/write issue in the VFS module.




This module, known as vfs_fruit, provides compatibility with Apple SMB clients. Samba has already released software updates to patch the flaws. If you remain exposed, remote threat actors could execute arbitrary code with the highest privileges.

According to the official advisory, CVE-2021-44142 exists within the parsing of EA metadata when opening files in smbd. User write access to a file’s extended attributes is required to exploit this vulnerability. The advisory adds that this could be a guest or unauthenticated user, if such users are allowed write access to file extended attributes.

Another important condition to note is that the problem in vfs_fruit exists in the default configuration of the fruit VFS module, which uses fruit:metadata=netatalk or fruit:resource=file. If both options are set to values other than the defaults, the system is not affected by the vulnerability.
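The configuration condition above can be checked against an smb.conf file. The following Python code is an added example, not part of the Samba advisory or project code: it reports every share that loads vfs_fruit while fruit:metadata or fruit:resource is still at its default. The sample configuration and the function names are constructed for illustration.

```python
# Added example: find shares where vfs_fruit runs with an affected default setting.
DEFAULTS = {"fruit:metadata": "netatalk", "fruit:resource": "file"}  # module defaults

SAMPLE_CONF = """\
[global]
   vfs objects = catia fruit streams_xattr
   fruit:metadata = stream
[timemachine]
   path = /srv/tm
   ; fruit:resource is not set, so the default (file) applies
[media]
   path = /srv/media
   fruit:resource = stream
[plain]
   path = /srv/plain
   vfs objects = acl_xattr
"""  # constructed sample, not taken from a real server

def parse_smb_conf(text):
    """Return {section: {param: value}}; names and values are lower-cased."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[" ".join(key.lower().split())] = value.strip().lower()
    return sections

def affected_shares(text):
    """Map each share that loads fruit with a default setting to those settings."""
    conf = parse_smb_conf(text)
    glob, findings = conf.get("global", {}), {}
    for name, params in conf.items():
        eff = {**DEFAULTS, **glob, **params}  # share overrides global overrides default
        loaded = eff.get("vfs objects", "").replace(",", " ").split()
        hits = [f"{k}={eff[k]}" for k, v in DEFAULTS.items() if eff[k] == v]
        if name != "global" and "fruit" in loaded and hits:
            findings[name] = hits
    return findings

if __name__ == "__main__":
    for share, why in affected_shares(SAMPLE_CONF).items():
        print(f"{share}: vfs_fruit loaded with {', '.join(why)}")
```

A share that appears in the result still needs the patched Samba release; changing the two options only removes the condition described above.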

To avoid any issues, we advise you to implement the available patches immediately.


Milena Dimitrova
