Update: Samba Hit With Remote Root Code Execution Bug

Share post:

Samba has fixed a vulnerability in all versions of software prior to 4.13.17 that allowed a remote actor to execute code as root due to an out-of-bounds heap read-write vulnerability.

“The specific flaw exists within the parsing of EA metadata when opening files in smbd. Access as a user that has write access to a file’s extended attributes is required to exploit this vulnerability,” Samba said in its security notice.

Originally recognized by Orange Tsai from Devcore and referred to as CVE-2021-44142, Samba said that the vfs _ fruit module, which improves compatibility for OS X clients, was vulnerable in its default configuration.

If the options fruit:metadata=netatalk or fruit:resource=file are set to something else, the vulnerability will not work, but doing so comes with a caveat.

“Changing the VFS module settings fruit:metadata or fruit:resource to use the unaffected setting causes all stored information to be inaccessible and will make it appear to macOS clients as if the information is lost,” said Samba.

Samba, therefore, recommends the preferred remedy for patches, which is to remove fruit from the configuration.

Versions 4.13.17, 4.14.12, and 4.15.5 of Samba were recently introduced to mitigate the problem. While traditional desktop and server users can upgrade via normal processes, NAS systems, especially older ones, will have to wait for possible firmware upgrades.

For more information read the original story in ZDNet.

SUBSCRIBE NOW

Related articles

DOGE’s Teen Hacker Stirs Concern Over Musk Team’s Access to Federal Databases

A 19-year-old named Edward “Big Balls” Coristine has raised red flags after Wired revealed he holds a key...

Deep Seek and Open Source AI – Without the Hype: Discussion with Robert Falzon, Head of Engineering, Check Point

DeepSeek AI is shaking up the cybersecurity world—are we prepared for the risks? Join host Jim Love and...

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

New SMS Phishing Scam Targets U.S. Toll Road Users with Fake Payment Alerts

Brian Krebs of the Krebs on Security blog did a big piece leading with how residents across the...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways