ID

VAR-202201-0295


CVE

CVE-2021-44142


TITLE

Samba vfs_fruit  Out-of-bounds read / write vulnerability due to insecure processing of extended file attributes in module

Trust: 0.8

sources: JVNDB: JVNDB-2022-001296

DESCRIPTION

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of AppleDouble entries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. The specific flaw exists within the parsing of EA metadata when opening files in smbd. The problem in vfs_fruit exists in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file. If both options are set to different settings than the default values, the system is not affected by the security issue. ================== Patch Availability ================== Patches addressing both these issues have been posted to: https://www.samba.org/samba/security/ Additionally, Samba 4.13.17, 4.14.12 and 4.15.5 have been issued as security releases to correct the defect. ================== CVSSv3 calculation ================== CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C Base score 9.9. ========== Workaround ========== As a workaround remove the "fruit" VFS module from the list of configured VFS objects in any "vfs objects" line in the Samba configuration smb.conf. Note that changing the VFS module settings fruit:metadata or fruit:resource to use the unaffected setting causes all stored information to be inaccessible and will make it appear to macOS clients as if the information is lost. ======= Credits ======= Originally reported by Orange Tsai from DEVCORE. Patches provided by Ralph Böhme of the Samba team. ========================================================== == Our Code, Our Bugs, Our Responsibility. == The Samba Team ========================================================== . For details on migrating Samba/CTDB configuration files, refer to: https://access.redhat.com/solutions/4311261 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Critical: samba security and bug fix update Advisory ID: RHSA-2022:0328-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0328 Issue date: 2022-01-31 CVE Names: CVE-2021-44142 ==================================================================== 1. Summary: An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Resilient Storage (v. 7) - ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Fix CVE-2020-25717 username map [script] advice (BZ#2034800) * Fix Kerberos authentication on standalone server with MIT realm (BZ#2036595) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the smb service will be restarted automatically. 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: samba-4.10.16-18.el7_9.src.rpm noarch: samba-common-4.10.16-18.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-18.el7_9.i686.rpm libsmbclient-4.10.16-18.el7_9.x86_64.rpm libwbclient-4.10.16-18.el7_9.i686.rpm libwbclient-4.10.16-18.el7_9.x86_64.rpm samba-client-4.10.16-18.el7_9.x86_64.rpm samba-client-libs-4.10.16-18.el7_9.i686.rpm samba-client-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-libs-4.10.16-18.el7_9.i686.rpm samba-common-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-tools-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm samba-libs-4.10.16-18.el7_9.i686.rpm samba-libs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-4.10.16-18.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-18.el7_9.i686.rpm samba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: samba-pidl-4.10.16-18.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-18.el7_9.i686.rpm libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm libwbclient-devel-4.10.16-18.el7_9.i686.rpm libwbclient-devel-4.10.16-18.el7_9.x86_64.rpm samba-4.10.16-18.el7_9.x86_64.rpm samba-dc-4.10.16-18.el7_9.x86_64.rpm samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-devel-4.10.16-18.el7_9.i686.rpm samba-devel-4.10.16-18.el7_9.x86_64.rpm samba-python-4.10.16-18.el7_9.i686.rpm samba-python-4.10.16-18.el7_9.x86_64.rpm samba-python-test-4.10.16-18.el7_9.x86_64.rpm samba-test-4.10.16-18.el7_9.x86_64.rpm samba-test-libs-4.10.16-18.el7_9.i686.rpm samba-test-libs-4.10.16-18.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: samba-4.10.16-18.el7_9.src.rpm noarch: samba-common-4.10.16-18.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-18.el7_9.i686.rpm libsmbclient-4.10.16-18.el7_9.x86_64.rpm libwbclient-4.10.16-18.el7_9.i686.rpm libwbclient-4.10.16-18.el7_9.x86_64.rpm samba-client-4.10.16-18.el7_9.x86_64.rpm samba-client-libs-4.10.16-18.el7_9.i686.rpm samba-client-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-libs-4.10.16-18.el7_9.i686.rpm samba-common-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-tools-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-libs-4.10.16-18.el7_9.i686.rpm samba-libs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-4.10.16-18.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-18.el7_9.i686.rpm samba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: samba-pidl-4.10.16-18.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-18.el7_9.i686.rpm libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm libwbclient-devel-4.10.16-18.el7_9.i686.rpm libwbclient-devel-4.10.16-18.el7_9.x86_64.rpm samba-4.10.16-18.el7_9.x86_64.rpm samba-dc-4.10.16-18.el7_9.x86_64.rpm samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-devel-4.10.16-18.el7_9.i686.rpm samba-devel-4.10.16-18.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm samba-python-4.10.16-18.el7_9.i686.rpm samba-python-4.10.16-18.el7_9.x86_64.rpm samba-python-test-4.10.16-18.el7_9.x86_64.rpm samba-test-4.10.16-18.el7_9.x86_64.rpm samba-test-libs-4.10.16-18.el7_9.i686.rpm samba-test-libs-4.10.16-18.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: samba-4.10.16-18.el7_9.src.rpm noarch: samba-common-4.10.16-18.el7_9.noarch.rpm ppc64: libsmbclient-4.10.16-18.el7_9.ppc.rpm libsmbclient-4.10.16-18.el7_9.ppc64.rpm libwbclient-4.10.16-18.el7_9.ppc.rpm libwbclient-4.10.16-18.el7_9.ppc64.rpm samba-4.10.16-18.el7_9.ppc64.rpm samba-client-4.10.16-18.el7_9.ppc64.rpm samba-client-libs-4.10.16-18.el7_9.ppc.rpm samba-client-libs-4.10.16-18.el7_9.ppc64.rpm samba-common-libs-4.10.16-18.el7_9.ppc.rpm samba-common-libs-4.10.16-18.el7_9.ppc64.rpm samba-common-tools-4.10.16-18.el7_9.ppc64.rpm samba-debuginfo-4.10.16-18.el7_9.ppc.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64.rpm samba-krb5-printing-4.10.16-18.el7_9.ppc64.rpm samba-libs-4.10.16-18.el7_9.ppc.rpm samba-libs-4.10.16-18.el7_9.ppc64.rpm samba-winbind-4.10.16-18.el7_9.ppc64.rpm samba-winbind-clients-4.10.16-18.el7_9.ppc64.rpm samba-winbind-modules-4.10.16-18.el7_9.ppc.rpm samba-winbind-modules-4.10.16-18.el7_9.ppc64.rpm ppc64le: libsmbclient-4.10.16-18.el7_9.ppc64le.rpm libwbclient-4.10.16-18.el7_9.ppc64le.rpm samba-4.10.16-18.el7_9.ppc64le.rpm samba-client-4.10.16-18.el7_9.ppc64le.rpm samba-client-libs-4.10.16-18.el7_9.ppc64le.rpm samba-common-libs-4.10.16-18.el7_9.ppc64le.rpm samba-common-tools-4.10.16-18.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm samba-krb5-printing-4.10.16-18.el7_9.ppc64le.rpm samba-libs-4.10.16-18.el7_9.ppc64le.rpm samba-winbind-4.10.16-18.el7_9.ppc64le.rpm samba-winbind-clients-4.10.16-18.el7_9.ppc64le.rpm samba-winbind-modules-4.10.16-18.el7_9.ppc64le.rpm s390x: libsmbclient-4.10.16-18.el7_9.s390.rpm libsmbclient-4.10.16-18.el7_9.s390x.rpm libwbclient-4.10.16-18.el7_9.s390.rpm libwbclient-4.10.16-18.el7_9.s390x.rpm samba-4.10.16-18.el7_9.s390x.rpm samba-client-4.10.16-18.el7_9.s390x.rpm samba-client-libs-4.10.16-18.el7_9.s390.rpm samba-client-libs-4.10.16-18.el7_9.s390x.rpm samba-common-libs-4.10.16-18.el7_9.s390.rpm samba-common-libs-4.10.16-18.el7_9.s390x.rpm samba-common-tools-4.10.16-18.el7_9.s390x.rpm samba-debuginfo-4.10.16-18.el7_9.s390.rpm samba-debuginfo-4.10.16-18.el7_9.s390x.rpm samba-krb5-printing-4.10.16-18.el7_9.s390x.rpm samba-libs-4.10.16-18.el7_9.s390.rpm samba-libs-4.10.16-18.el7_9.s390x.rpm samba-winbind-4.10.16-18.el7_9.s390x.rpm samba-winbind-clients-4.10.16-18.el7_9.s390x.rpm samba-winbind-modules-4.10.16-18.el7_9.s390.rpm samba-winbind-modules-4.10.16-18.el7_9.s390x.rpm x86_64: libsmbclient-4.10.16-18.el7_9.i686.rpm libsmbclient-4.10.16-18.el7_9.x86_64.rpm libwbclient-4.10.16-18.el7_9.i686.rpm libwbclient-4.10.16-18.el7_9.x86_64.rpm samba-4.10.16-18.el7_9.x86_64.rpm samba-client-4.10.16-18.el7_9.x86_64.rpm samba-client-libs-4.10.16-18.el7_9.i686.rpm samba-client-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-libs-4.10.16-18.el7_9.i686.rpm samba-common-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-tools-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm samba-libs-4.10.16-18.el7_9.i686.rpm samba-libs-4.10.16-18.el7_9.x86_64.rpm samba-python-4.10.16-18.el7_9.i686.rpm samba-python-4.10.16-18.el7_9.x86_64.rpm samba-winbind-4.10.16-18.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-18.el7_9.i686.rpm samba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Resilient Storage (v. 7): ppc64le: ctdb-4.10.16-18.el7_9.ppc64le.rpm ctdb-tests-4.10.16-18.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm s390x: ctdb-4.10.16-18.el7_9.s390x.rpm ctdb-tests-4.10.16-18.el7_9.s390x.rpm samba-debuginfo-4.10.16-18.el7_9.s390x.rpm x86_64: ctdb-4.10.16-18.el7_9.x86_64.rpm ctdb-tests-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: samba-pidl-4.10.16-18.el7_9.noarch.rpm ppc64: libsmbclient-devel-4.10.16-18.el7_9.ppc.rpm libsmbclient-devel-4.10.16-18.el7_9.ppc64.rpm libwbclient-devel-4.10.16-18.el7_9.ppc.rpm libwbclient-devel-4.10.16-18.el7_9.ppc64.rpm samba-dc-4.10.16-18.el7_9.ppc64.rpm samba-dc-libs-4.10.16-18.el7_9.ppc64.rpm samba-debuginfo-4.10.16-18.el7_9.ppc.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64.rpm samba-devel-4.10.16-18.el7_9.ppc.rpm samba-devel-4.10.16-18.el7_9.ppc64.rpm samba-python-4.10.16-18.el7_9.ppc.rpm samba-python-4.10.16-18.el7_9.ppc64.rpm samba-python-test-4.10.16-18.el7_9.ppc64.rpm samba-test-4.10.16-18.el7_9.ppc64.rpm samba-test-libs-4.10.16-18.el7_9.ppc.rpm samba-test-libs-4.10.16-18.el7_9.ppc64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.ppc64.rpm ppc64le: libsmbclient-devel-4.10.16-18.el7_9.ppc64le.rpm libwbclient-devel-4.10.16-18.el7_9.ppc64le.rpm samba-dc-4.10.16-18.el7_9.ppc64le.rpm samba-dc-libs-4.10.16-18.el7_9.ppc64le.rpm samba-debuginfo-4.10.16-18.el7_9.ppc64le.rpm samba-devel-4.10.16-18.el7_9.ppc64le.rpm samba-python-4.10.16-18.el7_9.ppc64le.rpm samba-python-test-4.10.16-18.el7_9.ppc64le.rpm samba-test-4.10.16-18.el7_9.ppc64le.rpm samba-test-libs-4.10.16-18.el7_9.ppc64le.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.ppc64le.rpm s390x: libsmbclient-devel-4.10.16-18.el7_9.s390.rpm libsmbclient-devel-4.10.16-18.el7_9.s390x.rpm libwbclient-devel-4.10.16-18.el7_9.s390.rpm libwbclient-devel-4.10.16-18.el7_9.s390x.rpm samba-dc-4.10.16-18.el7_9.s390x.rpm samba-dc-libs-4.10.16-18.el7_9.s390x.rpm samba-debuginfo-4.10.16-18.el7_9.s390.rpm samba-debuginfo-4.10.16-18.el7_9.s390x.rpm samba-devel-4.10.16-18.el7_9.s390.rpm samba-devel-4.10.16-18.el7_9.s390x.rpm samba-python-4.10.16-18.el7_9.s390.rpm samba-python-4.10.16-18.el7_9.s390x.rpm samba-python-test-4.10.16-18.el7_9.s390x.rpm samba-test-4.10.16-18.el7_9.s390x.rpm samba-test-libs-4.10.16-18.el7_9.s390.rpm samba-test-libs-4.10.16-18.el7_9.s390x.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.s390x.rpm x86_64: libsmbclient-devel-4.10.16-18.el7_9.i686.rpm libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm libwbclient-devel-4.10.16-18.el7_9.i686.rpm libwbclient-devel-4.10.16-18.el7_9.x86_64.rpm samba-dc-4.10.16-18.el7_9.x86_64.rpm samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-devel-4.10.16-18.el7_9.i686.rpm samba-devel-4.10.16-18.el7_9.x86_64.rpm samba-python-test-4.10.16-18.el7_9.x86_64.rpm samba-test-4.10.16-18.el7_9.x86_64.rpm samba-test-libs-4.10.16-18.el7_9.i686.rpm samba-test-libs-4.10.16-18.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: samba-4.10.16-18.el7_9.src.rpm noarch: samba-common-4.10.16-18.el7_9.noarch.rpm x86_64: libsmbclient-4.10.16-18.el7_9.i686.rpm libsmbclient-4.10.16-18.el7_9.x86_64.rpm libwbclient-4.10.16-18.el7_9.i686.rpm libwbclient-4.10.16-18.el7_9.x86_64.rpm samba-4.10.16-18.el7_9.x86_64.rpm samba-client-4.10.16-18.el7_9.x86_64.rpm samba-client-libs-4.10.16-18.el7_9.i686.rpm samba-client-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-libs-4.10.16-18.el7_9.i686.rpm samba-common-libs-4.10.16-18.el7_9.x86_64.rpm samba-common-tools-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm samba-libs-4.10.16-18.el7_9.i686.rpm samba-libs-4.10.16-18.el7_9.x86_64.rpm samba-python-4.10.16-18.el7_9.i686.rpm samba-python-4.10.16-18.el7_9.x86_64.rpm samba-winbind-4.10.16-18.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-18.el7_9.i686.rpm samba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: samba-pidl-4.10.16-18.el7_9.noarch.rpm x86_64: libsmbclient-devel-4.10.16-18.el7_9.i686.rpm libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpm libwbclient-devel-4.10.16-18.el7_9.i686.rpm libwbclient-devel-4.10.16-18.el7_9.x86_64.rpm samba-dc-4.10.16-18.el7_9.x86_64.rpm samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm samba-debuginfo-4.10.16-18.el7_9.i686.rpm samba-debuginfo-4.10.16-18.el7_9.x86_64.rpm samba-devel-4.10.16-18.el7_9.i686.rpm samba-devel-4.10.16-18.el7_9.x86_64.rpm samba-python-test-4.10.16-18.el7_9.x86_64.rpm samba-test-4.10.16-18.el7_9.x86_64.rpm samba-test-libs-4.10.16-18.el7_9.i686.rpm samba-test-libs-4.10.16-18.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-44142 https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYfg3utzjgjWX9erEAQiW5A/9FfMdoVM57m1MQWjHSyxSKaaQzRG4nASl XluNgbIP6XShKejIacSixa+57y/+xm7ZtQwJvURtwj3JKut6gCnyMqohQ72Pn4YU Wxq0DjNBf33FT0hN7GprY4a2/wOwsC+m1jVhvawZ11IQnRUbDi1pIJFellXUpPVW SUE2sPTqWbePWxPaQmWxXrcrw0f5XLqqHiCV+ME6nF6TVd/LFMvF1b118XEzNmma 7iBvSiORi+3NJTp+vYGgy6tA7ikpeFvLAPpkzUB/XTbF9TMWcKil1L9ceYadt9cR XiNY3Y/n6GdKZt04nwtbpXlS4kq/y5vIVycRT3ZKBAciVbTdJ9a9pTsocdyvrIQq /feWDP1ATyO4NUUUbAbZXgB9RohhFVOs4eCmLTy5XLBWnw2d744/hXwcpyY9F/Rq gPxzyXXAFthavOgezzVEK3T8un3R75UlJZh4R4D5iDzXdQRIK9cT5HrUs3Xz5aTD GyETh0QfGPJlCRTs3saG0+oB197Rtk872NrSeLsiT5XuKUzADuJow759pmIaeZbg EgoDOiKfSp15EvEcbLyx+LYDOPgB2QAZhvKbN52qfxTPzMczmPAE0vStTa5EJlYD G3KQ/ZOObJA1m9/Q9vFv6yAhUAOu8N/n8Vg5nAdOrhCkI5+Pge0N6drabsQQXkzA iv62kDMkb+Q=NKmo -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202309-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Samba: Multiple Vulnerabilities Date: September 17, 2023 Bugs: #820566, #821688, #830983, #832433, #861512, #866225, #869122, #878273, #880437, #886153, #903621, #905320, #910334 ID: 202309-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in Samba, the worst of which could result in root remote code execution. Background ========== Samba is a suite of SMB and CIFS client/server programs. Affected packages ================= Package Vulnerable Unaffected ------------ ------------ ------------ net-fs/samba < 4.18.4 >= 4.18.4 Description =========== Multiple vulnerabilities have been discovered in Samba. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Samba users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/samba-4.18.4" References ========== [ 1 ] CVE-2007-4559 https://nvd.nist.gov/vuln/detail/CVE-2007-4559 [ 2 ] CVE-2016-2124 https://nvd.nist.gov/vuln/detail/CVE-2016-2124 [ 3 ] CVE-2020-17049 https://nvd.nist.gov/vuln/detail/CVE-2020-17049 [ 4 ] CVE-2020-25717 https://nvd.nist.gov/vuln/detail/CVE-2020-25717 [ 5 ] CVE-2020-25718 https://nvd.nist.gov/vuln/detail/CVE-2020-25718 [ 6 ] CVE-2020-25719 https://nvd.nist.gov/vuln/detail/CVE-2020-25719 [ 7 ] CVE-2020-25721 https://nvd.nist.gov/vuln/detail/CVE-2020-25721 [ 8 ] CVE-2020-25722 https://nvd.nist.gov/vuln/detail/CVE-2020-25722 [ 9 ] CVE-2021-3670 https://nvd.nist.gov/vuln/detail/CVE-2021-3670 [ 10 ] CVE-2021-3738 https://nvd.nist.gov/vuln/detail/CVE-2021-3738 [ 11 ] CVE-2021-20251 https://nvd.nist.gov/vuln/detail/CVE-2021-20251 [ 12 ] CVE-2021-20316 https://nvd.nist.gov/vuln/detail/CVE-2021-20316 [ 13 ] CVE-2021-23192 https://nvd.nist.gov/vuln/detail/CVE-2021-23192 [ 14 ] CVE-2021-44141 https://nvd.nist.gov/vuln/detail/CVE-2021-44141 [ 15 ] CVE-2021-44142 https://nvd.nist.gov/vuln/detail/CVE-2021-44142 [ 16 ] CVE-2022-0336 https://nvd.nist.gov/vuln/detail/CVE-2022-0336 [ 17 ] CVE-2022-1615 https://nvd.nist.gov/vuln/detail/CVE-2022-1615 [ 18 ] CVE-2022-2031 https://nvd.nist.gov/vuln/detail/CVE-2022-2031 [ 19 ] CVE-2022-3437 https://nvd.nist.gov/vuln/detail/CVE-2022-3437 [ 20 ] CVE-2022-3592 https://nvd.nist.gov/vuln/detail/CVE-2022-3592 [ 21 ] CVE-2022-32742 https://nvd.nist.gov/vuln/detail/CVE-2022-32742 [ 22 ] CVE-2022-32743 https://nvd.nist.gov/vuln/detail/CVE-2022-32743 [ 23 ] CVE-2022-32744 https://nvd.nist.gov/vuln/detail/CVE-2022-32744 [ 24 ] CVE-2022-32745 https://nvd.nist.gov/vuln/detail/CVE-2022-32745 [ 25 ] CVE-2022-32746 https://nvd.nist.gov/vuln/detail/CVE-2022-32746 [ 26 ] CVE-2022-37966 https://nvd.nist.gov/vuln/detail/CVE-2022-37966 [ 27 ] CVE-2022-37967 https://nvd.nist.gov/vuln/detail/CVE-2022-37967 [ 28 ] CVE-2022-38023 https://nvd.nist.gov/vuln/detail/CVE-2022-38023 [ 29 ] CVE-2022-42898 https://nvd.nist.gov/vuln/detail/CVE-2022-42898 [ 30 ] CVE-2022-45141 https://nvd.nist.gov/vuln/detail/CVE-2022-45141 [ 31 ] CVE-2023-0225 https://nvd.nist.gov/vuln/detail/CVE-2023-0225 [ 32 ] CVE-2023-0614 https://nvd.nist.gov/vuln/detail/CVE-2023-0614 [ 33 ] CVE-2023-0922 https://nvd.nist.gov/vuln/detail/CVE-2023-0922 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202309-06 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 4.41

sources: NVD: CVE-2021-44142 // JVNDB: JVNDB-2022-001296 // ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULHUB: VHN-406753 // VULMON: CVE-2021-44142 // PACKETSTORM: 165801 // PACKETSTORM: 165906 // PACKETSTORM: 166138 // PACKETSTORM: 166137 // PACKETSTORM: 165793 // PACKETSTORM: 165790 // PACKETSTORM: 165788 // PACKETSTORM: 174695

AFFECTED PRODUCTS

vendor:sambamodel:sambascope: - version: -

Trust: 2.1

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:gluster storagescope:eqversion:3.5

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux resilient storagescope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for ibm z systemsscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server update services for sap solutionsscope:eqversion:8.1

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:21.10

Trust: 1.0

vendor:redhatmodel:enterprise linux server update services for sap solutionsscope:eqversion:8.4

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:34

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:35

Trust: 1.0

vendor:redhatmodel:enterprise linux for power little endian eusscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:7.0

Trust: 1.0

vendor:synologymodel:diskstation managerscope:ltversion:6.2.4-25556.4

Trust: 1.0

vendor:redhatmodel:enterprise linux for power big endianscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:8.1

Trust: 1.0

vendor:redhatmodel:virtualization hostscope:eqversion:4.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for ibm z systems eusscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linux for power little endianscope:eqversion:7.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:20.04

Trust: 1.0

vendor:redhatmodel:enterprise linux for ibm z systemsscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:codeready linux builderscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux for power little endian eusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:8.2

Trust: 1.0

vendor:sambamodel:sambascope:ltversion:4.15.5

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:11.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server update services for sap solutionsscope:eqversion:8.2

Trust: 1.0

vendor:synologymodel:diskstation managerscope:gteversion:6.2

Trust: 1.0

vendor:redhatmodel:enterprise linux for scientific computingscope:eqversion:7.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:sambamodel:sambascope:gteversion:4.14.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for ibm z systems eusscope:eqversion:8.4

Trust: 1.0

vendor:sambamodel:sambascope:gteversion:4.15.0

Trust: 1.0

vendor:sambamodel:sambascope:ltversion:4.13.17

Trust: 1.0

vendor:redhatmodel:enterprise linux for power little endianscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:8.2

Trust: 1.0

vendor:sambamodel:sambascope:ltversion:4.14.12

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:sambamodel:sambascope:ltversion:4.13.17 earlier s

Trust: 0.8

vendor:sambamodel:sambascope:eqversion: -

Trust: 0.8

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // JVNDB: JVNDB-2022-001296 // NVD: CVE-2021-44142

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2021-44142
value: CRITICAL

Trust: 1.4

nvd@nist.gov: CVE-2021-44142
value: HIGH

Trust: 1.0

OTHER: JVNDB-2022-001296
value: CRITICAL

Trust: 0.8

ZDI: CVE-2021-44142
value: MEDIUM

Trust: 0.7

VULHUB: VHN-406753
value: HIGH

Trust: 0.1

VULMON: CVE-2021-44142
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-44142
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-406753
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ZDI: CVE-2021-44142
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.4

nvd@nist.gov: CVE-2021-44142
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2022-001296
baseSeverity: CRITICAL
baseScore: 9.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2021-44142
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULHUB: VHN-406753 // VULMON: CVE-2021-44142 // JVNDB: JVNDB-2022-001296 // NVD: CVE-2021-44142

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

problemtype:CWE-787

Trust: 1.1

sources: VULHUB: VHN-406753 // NVD: CVE-2021-44142

THREAT TYPE

remote

Trust: 0.2

sources: PACKETSTORM: 165801 // PACKETSTORM: 174695

TYPE

code execution

Trust: 0.7

sources: PACKETSTORM: 165906 // PACKETSTORM: 166138 // PACKETSTORM: 166137 // PACKETSTORM: 165793 // PACKETSTORM: 165791 // PACKETSTORM: 165790 // PACKETSTORM: 165788

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-406753

PATCH

title:Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution The Samba-Bugzillaurl:https://www.samba.org/samba/security/CVE-2021-44142.html

Trust: 2.9

title:Red Hat: Critical: samba security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220332 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: USN-5260-2: Samba vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5260-2

Trust: 0.1

title:Red Hat: Critical: samba security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220331 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: USN-5260-3: Samba vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5260-3

Trust: 0.1

title:Red Hat: Critical: samba security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220457 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: samba security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220329 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: samba security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220664 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: samba security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220458 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: samba security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220663 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: samba security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220328 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: samba security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220330 - Security Advisory

Trust: 0.1

title:Debian CVElist Bug Report Logs: samba: CVE-2021-44142url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=a2808bd91ead4fb4ad90e6c138690723

Trust: 0.1

title:Ubuntu Security Notice: USN-5260-1: Samba vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5260-1

Trust: 0.1

title:Debian Security Advisories: DSA-5071-1 samba -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=966a313ce95b33748fba988c48abb6d6

Trust: 0.1

title:Amazon Linux 2: ALAS2-2022-1746url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1746

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-44142

Trust: 0.1

title:Amazon Linux AMI: ALAS-2022-1564url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1564

Trust: 0.1

title:Amazon Linux 2022: ALAS-2022-224url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS-2022-224

Trust: 0.1

title:Amazon Linux 2022: ALAS2022-2022-022url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-022

Trust: 0.1

title:CVE-2021-44142 Vulnerability Checkerurl:https://github.com/horizon3ai/CVE-2021-44142

Trust: 0.1

title:CVE-2021-44142 Vulnerability Checkerurl:https://github.com/hrsman/Samba-CVE-2021-44142

Trust: 0.1

title:CVE-2021-44142 Storytaleurl:https://github.com/gudyrmik/CVE-2021-44142

Trust: 0.1

title:CVE-2020-0609 CVE-2020-0796 CVE-2021-44142 CVE-2022-41040 CVE-2022-47966 Scannerurl:https://github.com/stalker3343/diplom

Trust: 0.1

title:Repository with scripts to verify system against CVEurl:https://github.com/backloop-biz/Vulnerability_checker

Trust: 0.1

title:Repository with scripts to verify system against CVEurl:https://github.com/backloop-biz/CVE_checks

Trust: 0.1

title:Threatposturl:https://threatpost.com/samba-fruit-bug-rce-root-access/178141/

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2022/02/02/samba_vfs_fruit_vulnerability/

Trust: 0.1

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULMON: CVE-2021-44142 // JVNDB: JVNDB-2022-001296

EXTERNAL IDS

db:NVDid:CVE-2021-44142

Trust: 5.0

db:CERT/CCid:VU#119678

Trust: 2.0

db:ZDIid:ZDI-22-244

Trust: 0.8

db:JVNid:JVNVU92602689

Trust: 0.8

db:JVNDBid:JVNDB-2022-001296

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-15846

Trust: 0.7

db:ZDIid:ZDI-22-246

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-15833

Trust: 0.7

db:ZDIid:ZDI-22-245

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-16156

Trust: 0.7

db:PACKETSTORMid:166137

Trust: 0.2

db:PACKETSTORMid:165793

Trust: 0.2

db:PACKETSTORMid:166138

Trust: 0.2

db:PACKETSTORMid:165791

Trust: 0.2

db:PACKETSTORMid:165906

Trust: 0.2

db:PACKETSTORMid:165788

Trust: 0.2

db:PACKETSTORMid:165790

Trust: 0.2

db:PACKETSTORMid:165801

Trust: 0.2

db:PACKETSTORMid:165796

Trust: 0.1

db:PACKETSTORMid:165789

Trust: 0.1

db:PACKETSTORMid:165797

Trust: 0.1

db:PACKETSTORMid:165842

Trust: 0.1

db:PACKETSTORMid:165905

Trust: 0.1

db:VULHUBid:VHN-406753

Trust: 0.1

db:VULMONid:CVE-2021-44142

Trust: 0.1

db:PACKETSTORMid:174695

Trust: 0.1

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULHUB: VHN-406753 // VULMON: CVE-2021-44142 // JVNDB: JVNDB-2022-001296 // PACKETSTORM: 165801 // PACKETSTORM: 165906 // PACKETSTORM: 166138 // PACKETSTORM: 166137 // PACKETSTORM: 165793 // PACKETSTORM: 165791 // PACKETSTORM: 165790 // PACKETSTORM: 165788 // PACKETSTORM: 174695 // NVD: CVE-2021-44142

REFERENCES

url:https://www.samba.org/samba/security/cve-2021-44142.html

Trust: 3.4

url:https://kb.cert.org/vuls/id/119678

Trust: 2.0

url:https://bugzilla.samba.org/show_bug.cgi?id=14914

Trust: 1.2

url:https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

Trust: 1.2

url:https://security.gentoo.org/glsa/202309-06

Trust: 1.2

url:https://www.kb.cert.org/vuls/id/119678

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2021-44142

Trust: 0.9

url:https://jvn.jp/vu/jvnvu92602689/

Trust: 0.8

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.7

url:https://access.redhat.com/articles/11258

Trust: 0.7

url:https://access.redhat.com/security/team/key/

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2021-44142

Trust: 0.7

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.7

url:https://bugzilla.redhat.com/):

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.7

url:https://cwe.mitre.org/data/definitions/125.html

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://github.com/horizon3ai/cve-2021-44142

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5260-2

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.zerodayinitiative.com/advisories/zdi-22-244/

Trust: 0.1

url:https://www.samba.org/samba/security/

Trust: 0.1

url:https://access.redhat.com/solutions/4311261

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0457

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0663

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0664

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0331

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0330

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0328

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0332

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-37966

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3592

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25717

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1615

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25722

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32742

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25718

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-44141

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42898

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3738

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32746

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3670

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32744

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-37967

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-0336

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20316

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32743

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-17049

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-38023

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0922

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-3437

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20251

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0614

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2007-4559

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32745

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25721

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2124

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-45141

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2031

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-0225

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23192

Trust: 0.1

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULHUB: VHN-406753 // VULMON: CVE-2021-44142 // JVNDB: JVNDB-2022-001296 // PACKETSTORM: 165801 // PACKETSTORM: 165906 // PACKETSTORM: 166138 // PACKETSTORM: 166137 // PACKETSTORM: 165793 // PACKETSTORM: 165791 // PACKETSTORM: 165790 // PACKETSTORM: 165788 // PACKETSTORM: 174695 // NVD: CVE-2021-44142

CREDITS

Nguyen Hoang Thach (https://twitter.com/hi_im_d4rkn3ss) and Billy Jheng Bing-Jhong (https://twitter.com/st424204)

Trust: 1.4

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245

SOURCES

db:ZDIid:ZDI-22-246
db:ZDIid:ZDI-22-245
db:ZDIid:ZDI-22-244
db:VULHUBid:VHN-406753
db:VULMONid:CVE-2021-44142
db:JVNDBid:JVNDB-2022-001296
db:PACKETSTORMid:165801
db:PACKETSTORMid:165906
db:PACKETSTORMid:166138
db:PACKETSTORMid:166137
db:PACKETSTORMid:165793
db:PACKETSTORMid:165791
db:PACKETSTORMid:165790
db:PACKETSTORMid:165788
db:PACKETSTORMid:174695
db:NVDid:CVE-2021-44142

LAST UPDATE DATE

2024-11-23T21:02:26.417000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-246date:2022-02-01T00:00:00
db:ZDIid:ZDI-22-245date:2022-02-01T00:00:00
db:ZDIid:ZDI-22-244date:2022-02-01T00:00:00
db:VULHUBid:VHN-406753date:2022-02-23T00:00:00
db:VULMONid:CVE-2021-44142date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2022-001296date:2022-02-02T02:33:00
db:NVDid:CVE-2021-44142date:2024-11-21T06:30:25.637

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-246date:2022-02-01T00:00:00
db:ZDIid:ZDI-22-245date:2022-02-01T00:00:00
db:ZDIid:ZDI-22-244date:2022-02-01T00:00:00
db:VULHUBid:VHN-406753date:2022-02-21T00:00:00
db:VULMONid:CVE-2021-44142date:2022-02-21T00:00:00
db:JVNDBid:JVNDB-2022-001296date:2022-02-02T00:00:00
db:PACKETSTORMid:165801date:2022-02-02T16:21:28
db:PACKETSTORMid:165906date:2022-02-09T16:03:43
db:PACKETSTORMid:166138date:2022-02-24T16:11:06
db:PACKETSTORMid:166137date:2022-02-24T16:10:57
db:PACKETSTORMid:165793date:2022-02-01T17:02:58
db:PACKETSTORMid:165791date:2022-02-01T17:02:44
db:PACKETSTORMid:165790date:2022-02-01T17:02:33
db:PACKETSTORMid:165788date:2022-02-01T17:00:01
db:PACKETSTORMid:174695date:2023-09-18T13:42:53
db:NVDid:CVE-2021-44142date:2022-02-21T15:15:07.380