New Samba bug lets remote attackers run code as root

New Samba bug lets remote attackers run code as root

Short News:-

Samba is a widely used freeware implementation of the Server Message Block (SMB) protocol. Samba versions prior to 4.13.17 are affected by CVE-2021-44142. Security researcher Orange Tsai from DEVCORE has been given credit for the vulnerability.

Detailed News:- New Samba bug lets remote attackers run code as root

On affected installations, Samba has issued software updates to address multiple security flaws that allow remote attackers to execute arbitrary code with the highest level of access.

All Samba versions prior to 4.13.17 are affected by CVE-2021-44142 (out of bounds heap read/write vulnerability in the "vfs fruit" VFS module, which provides compatibility with Apple SMB clients).

In order to share files, printers, and other network resources, Samba is a widely used freeware implementation of the Server Message Block (SMB) protocol.

An out-of-bounds heap read/write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs fruit has been discovered in Samba prior to 4.13.17," the maintainers of the open-source software wrote in an advisory published on January 31.

Red Hat, SUSE Linux, and Ubuntu are among the Linux distributions affected by this vulnerability, according to the CERT Coordination Center (CERT/CC).

Security researcher Orange Tsai from DEVCORE has been given credit for the vulnerability, which has a CVSS score of 9.9. Tsai previously revealed flaws in Microsoft Exchange Server that were widely exploited. Version 4.14.12 and 4.15.5 of Samba contain the fix as well.

Additional flaws are also addressed by Samba, including two.

SYMLINKS can expose the existence of files or directories outside of the exported share, which is a CVE-2021-44141 (CVSS score: 4.2). (Fixed in Samba version 4.15.5)

The CVE-2022-0336 (CVSS score: 3.1) - Samba AD users with write access to a user's account can pretend to be any service they want. Version 4.13.17, 4.14.12, and 4.15.4 of Samba all fix this issue:

These releases or the patch should be applied as soon as possible in order to mitigate the defect and prevent any potential attacks exploiting it.