ID

VAR-202201-0295


CVE

CVE-2021-44142


TITLE

Samba vfs_fruit module insecurely handles extended file attributes

Trust: 0.8

sources: CERT/CC: VU#119678

DESCRIPTION

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of AppleDouble entries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. The specific flaw exists within the parsing of EA metadata when opening files in smbd.

The problem in vfs_fruit exists in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file. If both options are set to different settings than the default values, the system is not affected by the security issue.

Patches addressing both these issues have been posted to: www.samba.org/samba/security/. For details on migrating Samba/CTDB configuration files, refer to: https://access.redhat.com/solutions/4311261

==========================================================================
Ubuntu Security Notice USN-5260-1
February 01, 2022

samba vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.10
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Samba.

Software Description:

- samba: SMB/CIFS file, print, and login server for Unix

Details:

Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled certain memory operations. (CVE-2021-44142)

Michael Hanselmann discovered that Samba incorrectly created directories. In certain configurations, a remote attacker could possibly create a directory on the server outside of the shared directory. (CVE-2021-43566)

Kees van Vloten discovered that Samba incorrectly handled certain aliased SPN checks. A remote attacker could possibly use this issue to impersonate services. (CVE-2022-0336)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.10:
  samba 2:4.13.17~dfsg-0ubuntu0.21.10.1

Ubuntu 20.04 LTS:
  samba 2:4.13.17~dfsg-0ubuntu0.21.04.1

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

====================================================================
Red Hat Security Advisory

Synopsis: Critical: samba security and bug fix update
Advisory ID: RHSA-2022:0332-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:0332
Issue date: 2022-01-31
CVE Names: CVE-2021-44142
====================================================================

1. Summary:

An update for samba is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

* samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Fix username map script regression introduced with CVE-2020-25717 (BZ#2046174)
* Fix possible segfault when joining the domain (BZ#2046160)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2046146 - CVE-2021-44142 samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution
2046160 - [smb] Segmentation fault when joining the domain [rhel-8.5.0.z]
2046174 - Failed to authenticate users after upgrade samba package to release samba-4.14.5-7x [rhel-8.5.0.z]

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-44142
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.

CVE-2022-0336

Kees van Vloten reported that Samba AD users with permission to write to an account can impersonate arbitrary services.

For the oldstable distribution (buster), these problems have been fixed in version 2:4.9.5+dfsg-5+deb10u3. As per DSA 5015-1, CVE-2022-0336 has not been addressed for the oldstable distribution (buster).

For the stable distribution (bullseye), these problems have been fixed in version 2:4.13.13+dfsg-1~deb11u3. Additionally, some followup fixes for CVE-2020-25717 are included in this update (Cf.

For the detailed security status of samba please refer to its security tracker page at: https://security-tracker.debian.org/tracker/samba

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Trust: 4.14

sources: NVD: CVE-2021-44142 // CERT/CC: VU#119678 // ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULHUB: VHN-406753 // VULMON: CVE-2021-44142 // PACKETSTORM: 165905 // PACKETSTORM: 165797 // PACKETSTORM: 165796 // PACKETSTORM: 165788 // PACKETSTORM: 169234

AFFECTED PRODUCTS

vendor: samba, model: samba, scope: -, version: -, Trust: 2.1
vendor: redhat, model: gluster storage, scope: eq, version: 3.5, Trust: 1.0
vendor: samba, model: samba, scope: gte, version: 4.14.0, Trust: 1.0
vendor: redhat, model: enterprise linux, scope: eq, version: 8.0, Trust: 1.0
vendor: canonical, model: ubuntu linux, scope: eq, version: 16.04, Trust: 1.0
vendor: synology, model: diskstation manager, scope: gte, version: 6.2, Trust: 1.0
vendor: synology, model: diskstation manager, scope: lt, version: 6.2.4-25556.4, Trust: 1.0
vendor: redhat, model: enterprise linux eus, scope: eq, version: 8.4, Trust: 1.0
vendor: canonical, model: ubuntu linux, scope: eq, version: 18.04, Trust: 1.0
vendor: redhat, model: enterprise linux server, scope: eq, version: 7.0, Trust: 1.0
vendor: redhat, model: enterprise linux, scope: eq, version: 7.0, Trust: 1.0
vendor: redhat, model: enterprise linux for ibm z systems, scope: eq, version: 8.0, Trust: 1.0
vendor: redhat, model: enterprise linux server update services for sap solutions, scope: eq, version: 8.1, Trust: 1.0
vendor: redhat, model: enterprise linux resilient storage, scope: eq, version: 7.0, Trust: 1.0
vendor: redhat, model: enterprise linux workstation, scope: eq, version: 7.0, Trust: 1.0
vendor: redhat, model: enterprise linux eus, scope: eq, version: 8.2, Trust: 1.0
vendor: debian, model: linux, scope: eq, version: 10.0, Trust: 1.0
vendor: debian, model: linux, scope: eq, version: 11.0, Trust: 1.0
vendor: fedoraproject, model: fedora, scope: eq, version: 35, Trust: 1.0
vendor: redhat, model: enterprise linux for ibm z systems eus, scope: eq, version: 8.4, Trust: 1.0
vendor: samba, model: samba, scope: lt, version: 4.15.5, Trust: 1.0
vendor: redhat, model: enterprise linux server aus, scope: eq, version: 8.4, Trust: 1.0
vendor: fedoraproject, model: fedora, scope: eq, version: 34, Trust: 1.0
vendor: samba, model: samba, scope: lt, version: 4.13.17, Trust: 1.0
vendor: redhat, model: enterprise linux for power little endian, scope: eq, version: 8.0, Trust: 1.0
vendor: redhat, model: enterprise linux desktop, scope: eq, version: 7.0, Trust: 1.0
vendor: redhat, model: enterprise linux server tus, scope: eq, version: 8.4, Trust: 1.0
vendor: redhat, model: enterprise linux for ibm z systems, scope: eq, version: 7.0, Trust: 1.0
vendor: redhat, model: enterprise linux for ibm z systems eus, scope: eq, version: 8.2, Trust: 1.0
vendor: redhat, model: enterprise linux server aus, scope: eq, version: 8.2, Trust: 1.0
vendor: redhat, model: enterprise linux server update services for sap solutions, scope: eq, version: 8.4, Trust: 1.0
vendor: redhat, model: enterprise linux for power little endian eus, scope: eq, version: 8.4, Trust: 1.0
vendor: canonical, model: ubuntu linux, scope: eq, version: 21.10, Trust: 1.0
vendor: redhat, model: codeready linux builder, scope: eq, version: -, Trust: 1.0
vendor: redhat, model: enterprise linux for power big endian, scope: eq, version: 7.0, Trust: 1.0
vendor: redhat, model: enterprise linux server tus, scope: eq, version: 8.2, Trust: 1.0
vendor: redhat, model: virtualization host, scope: eq, version: 4.0, Trust: 1.0
vendor: redhat, model: enterprise linux server update services for sap solutions, scope: eq, version: 8.2, Trust: 1.0
vendor: redhat, model: enterprise linux for power little endian eus, scope: eq, version: 8.2, Trust: 1.0
vendor: redhat, model: enterprise linux for power little endian, scope: eq, version: 7.0, Trust: 1.0
vendor: canonical, model: ubuntu linux, scope: eq, version: 14.04, Trust: 1.0
vendor: redhat, model: enterprise linux for scientific computing, scope: eq, version: 7.0, Trust: 1.0
vendor: samba, model: samba, scope: lt, version: 4.14.12, Trust: 1.0
vendor: canonical, model: ubuntu linux, scope: eq, version: 20.04, Trust: 1.0
vendor: redhat, model: enterprise linux server, scope: eq, version: 8.1, Trust: 1.0
vendor: samba, model: samba, scope: gte, version: 4.15.0, Trust: 1.0

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // NVD: CVE-2021-44142

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2021-44142
value: CRITICAL

Trust: 1.4

nvd@nist.gov: CVE-2021-44142
value: HIGH

Trust: 1.0

ZDI: CVE-2021-44142
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202201-2719
value: HIGH

Trust: 0.6

VULHUB: VHN-406753
value: HIGH

Trust: 0.1

VULMON: CVE-2021-44142
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-44142
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-406753
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ZDI: CVE-2021-44142
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.4

nvd@nist.gov: CVE-2021-44142
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2021-44142
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULHUB: VHN-406753 // VULMON: CVE-2021-44142 // CNNVD: CNNVD-202201-2719 // NVD: CVE-2021-44142

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

problemtype:CWE-787

Trust: 1.1

sources: VULHUB: VHN-406753 // NVD: CVE-2021-44142

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 165797 // PACKETSTORM: 165796 // CNNVD: CNNVD-202201-2719

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202201-2719

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-406753

PATCH

title: Samba has issued an update to correct this vulnerability.
url: https://www.samba.org/samba/security/CVE-2021-44142.html

Trust: 2.1

title: Samba Buffer error vulnerability fix
url: http://123.124.177.30/web/xxk/bdxqById.tag?id=184448

Trust: 0.6

title: Red Hat: Critical: samba security and bug fix update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220332 - Security Advisory

Trust: 0.1

title: Ubuntu Security Notice: USN-5260-2: Samba vulnerability
url: https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5260-2

Trust: 0.1

title: Red Hat: Critical: samba security and bug fix update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220331 - Security Advisory

Trust: 0.1

title: Ubuntu Security Notice: USN-5260-3: Samba vulnerability
url: https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5260-3

Trust: 0.1

title: Red Hat: Critical: samba security update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220457 - Security Advisory

Trust: 0.1

title: Red Hat: Critical: samba security update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220329 - Security Advisory

Trust: 0.1

title: Red Hat: Critical: samba security update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220664 - Security Advisory

Trust: 0.1

title: Red Hat: Critical: samba security update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220458 - Security Advisory

Trust: 0.1

title: Red Hat: Critical: samba security update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220663 - Security Advisory

Trust: 0.1

title: Red Hat: Critical: samba security and bug fix update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220328 - Security Advisory

Trust: 0.1

title: Red Hat: Critical: samba security update
url: https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220330 - Security Advisory

Trust: 0.1

title: Debian CVElist Bug Report Logs: samba: CVE-2021-44142
url: https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=a2808bd91ead4fb4ad90e6c138690723

Trust: 0.1

title: Ubuntu Security Notice: USN-5260-1: Samba vulnerabilities
url: https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-5260-1

Trust: 0.1

title: Debian Security Advisories: DSA-5071-1 samba -- security update
url: https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=966a313ce95b33748fba988c48abb6d6

Trust: 0.1

title: Amazon Linux 2: ALAS2-2022-1746
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2022-1746

Trust: 0.1

title: Arch Linux Issues:
url: https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-44142

Trust: 0.1

title: Amazon Linux AMI: ALAS-2022-1564
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2022-1564

Trust: 0.1

title: Amazon Linux 2022: ALAS-2022-224
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS-2022-224

Trust: 0.1

title: Amazon Linux 2022: ALAS2022-2022-022
url: https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022&qid=ALAS2022-2022-022

Trust: 0.1

title: CVE-2021-44142 Vulnerability Checker
url: https://github.com/horizon3ai/CVE-2021-44142

Trust: 0.1

title: CVE-2021-44142 Vulnerability Checker
url: https://github.com/hrsman/Samba-CVE-2021-44142

Trust: 0.1

title: CVE-2021-44142 Storytale
url: https://github.com/gudyrmik/CVE-2021-44142

Trust: 0.1

title: CVE-2020-0609 CVE-2020-0796 CVE-2021-44142 CVE-2022-41040 CVE-2022-47966 Scanner
url: https://github.com/stalker3343/diplom

Trust: 0.1

title: Repository with scripts to verify system against CVE
url: https://github.com/backloop-biz/Vulnerability_checker

Trust: 0.1

title: Repository with scripts to verify system against CVE
url: https://github.com/backloop-biz/CVE_checks

Trust: 0.1

title: Threatpost
url: https://threatpost.com/samba-fruit-bug-rce-root-access/178141/

Trust: 0.1

title: The Register
url: https://www.theregister.co.uk/2022/02/02/samba_vfs_fruit_vulnerability/

Trust: 0.1

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULMON: CVE-2021-44142 // CNNVD: CNNVD-202201-2719

EXTERNAL IDS

db: NVD
id: CVE-2021-44142

Trust: 5.3

db: CERT/CC
id: VU#119678

Trust: 2.6

db: ZDI
id: ZDI-22-246

Trust: 1.3

db: ZDI
id: ZDI-22-244

Trust: 0.8

db: ZDI_CAN
id: ZDI-CAN-15846

Trust: 0.7

db: ZDI_CAN
id: ZDI-CAN-15833

Trust: 0.7

db: ZDI
id: ZDI-22-245

Trust: 0.7

db: ZDI_CAN
id: ZDI-CAN-16156

Trust: 0.7

db: PACKETSTORM
id: 166137

Trust: 0.7

db: PACKETSTORM
id: 165906

Trust: 0.7

db: PACKETSTORM
id: 165842

Trust: 0.7

db: PACKETSTORM
id: 169234

Trust: 0.7

db: CS-HELP
id: SB2022032506

Trust: 0.6

db: CS-HELP
id: SB2022021713

Trust: 0.6

db: CS-HELP
id: SB2022041954

Trust: 0.6

db: CS-HELP
id: SB2022021902

Trust: 0.6

db: CS-HELP
id: SB2022021417

Trust: 0.6

db: CS-HELP
id: SB2022051734

Trust: 0.6

db: CS-HELP
id: SB2022020807

Trust: 0.6

db: CS-HELP
id: SB2022022408

Trust: 0.6

db: AUSCERT
id: ESB-2022.0489

Trust: 0.6

db: AUSCERT
id: ESB-2022.0795

Trust: 0.6

db: AUSCERT
id: ESB-2022.0600

Trust: 0.6

db: AUSCERT
id: ESB-2022.0619

Trust: 0.6

db: CNNVD
id: CNNVD-202201-2719

Trust: 0.6

db: PACKETSTORM
id: 165796

Trust: 0.2

db: PACKETSTORM
id: 165789

Trust: 0.2

db: PACKETSTORM
id: 165788

Trust: 0.2

db: PACKETSTORM
id: 165797

Trust: 0.2

db: PACKETSTORM
id: 165905

Trust: 0.2

db: PACKETSTORM
id: 165793

Trust: 0.1

db: PACKETSTORM
id: 166138

Trust: 0.1

db: PACKETSTORM
id: 165791

Trust: 0.1

db: PACKETSTORM
id: 165790

Trust: 0.1

db: PACKETSTORM
id: 165801

Trust: 0.1

db: VULHUB
id: VHN-406753

Trust: 0.1

db: VULMON
id: CVE-2021-44142

Trust: 0.1

sources: CERT/CC: VU#119678 // ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULHUB: VHN-406753 // VULMON: CVE-2021-44142 // PACKETSTORM: 165905 // PACKETSTORM: 165797 // PACKETSTORM: 165796 // PACKETSTORM: 165789 // PACKETSTORM: 165788 // PACKETSTORM: 169234 // CNNVD: CNNVD-202201-2719 // NVD: CVE-2021-44142

REFERENCES

url:https://www.samba.org/samba/security/cve-2021-44142.html

Trust: 4.0

url:https://kb.cert.org/vuls/id/119678

Trust: 1.8

url:https://bugzilla.samba.org/show_bug.cgi?id=14914

Trust: 1.8

url:https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin

Trust: 1.8

url:https://security.gentoo.org/glsa/202309-06

Trust: 1.1

url:https://access.redhat.com/security/cve/cve-2021-44142

Trust: 0.9

url:cve-2021-44142

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-44142

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022051734

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0795

Trust: 0.6

url:https://vigilance.fr/vulnerability/samba-buffer-overflow-via-vfs-module-vfs-fruit-37416

Trust: 0.6

url:https://www.zerodayinitiative.com/advisories/zdi-22-246/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022032506

Trust: 0.6

url:https://packetstormsecurity.com/files/169234/debian-security-advisory-5071-1.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021713

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021417

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022041954

Trust: 0.6

url:https://packetstormsecurity.com/files/165842/ubuntu-security-notice-usn-5260-3.html

Trust: 0.6

url:https://packetstormsecurity.com/files/165906/red-hat-security-advisory-2022-0457-03.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022020807

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0619

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021902

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2021-44142/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022022408

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0600

Trust: 0.6

url:https://packetstormsecurity.com/files/166137/red-hat-security-advisory-2022-0664-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0489

Trust: 0.6

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.3

url:https://bugzilla.redhat.com/

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://ubuntu.com/security/notices/usn-5260-2

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-0336

Trust: 0.2

url:https://ubuntu.com/security/notices/usn-5260-1

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/125.html

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://github.com/horizon3ai/cve-2021-44142

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.zerodayinitiative.com/advisories/zdi-22-244/

Trust: 0.1

url:https://access.redhat.com/solutions/4311261

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0458

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-43566

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/samba/2:4.13.17~dfsg-0ubuntu0.21.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/samba/2:4.13.17~dfsg-0ubuntu0.21.10.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/samba/2:4.7.6+dfsg~ubuntu-0ubuntu2.28

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0329

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0332

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://security-tracker.debian.org/tracker/samba

Trust: 0.1

sources: CERT/CC: VU#119678 // ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // ZDI: ZDI-22-244 // VULHUB: VHN-406753 // VULMON: CVE-2021-44142 // PACKETSTORM: 165905 // PACKETSTORM: 165797 // PACKETSTORM: 165796 // PACKETSTORM: 165789 // PACKETSTORM: 165788 // PACKETSTORM: 169234 // CNNVD: CNNVD-202201-2719 // NVD: CVE-2021-44142

CREDITS

Nguyen Hoang Thach (https://twitter.com/hi_im_d4rkn3ss) and Billy Jheng Bing-Jhong (https://twitter.com/st424204)

Trust: 2.0

sources: ZDI: ZDI-22-246 // ZDI: ZDI-22-245 // CNNVD: CNNVD-202201-2719

SOURCES

db: CERT/CC, id: VU#119678
db: ZDI, id: ZDI-22-246
db: ZDI, id: ZDI-22-245
db: ZDI, id: ZDI-22-244
db: VULHUB, id: VHN-406753
db: VULMON, id: CVE-2021-44142
db: PACKETSTORM, id: 165905
db: PACKETSTORM, id: 165797
db: PACKETSTORM, id: 165796
db: PACKETSTORM, id: 165789
db: PACKETSTORM, id: 165788
db: PACKETSTORM, id: 169234
db: CNNVD, id: CNNVD-202201-2719
db: NVD, id: CVE-2021-44142

LAST UPDATE DATE

2024-11-07T20:47:38.610000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#119678, date: 2022-06-27T00:00:00
db: ZDI, id: ZDI-22-246, date: 2022-02-01T00:00:00
db: ZDI, id: ZDI-22-245, date: 2022-02-01T00:00:00
db: ZDI, id: ZDI-22-244, date: 2022-02-01T00:00:00
db: VULHUB, id: VHN-406753, date: 2022-02-23T00:00:00
db: VULMON, id: CVE-2021-44142, date: 2023-11-07T00:00:00
db: CNNVD, id: CNNVD-202201-2719, date: 2022-12-09T00:00:00
db: NVD, id: CVE-2021-44142, date: 2023-11-07T03:39:33.470

SOURCES RELEASE DATE

db: CERT/CC, id: VU#119678, date: 2022-01-31T00:00:00
db: ZDI, id: ZDI-22-246, date: 2022-02-01T00:00:00
db: ZDI, id: ZDI-22-245, date: 2022-02-01T00:00:00
db: ZDI, id: ZDI-22-244, date: 2022-02-01T00:00:00
db: VULHUB, id: VHN-406753, date: 2022-02-21T00:00:00
db: VULMON, id: CVE-2021-44142, date: 2022-02-21T00:00:00
db: PACKETSTORM, id: 165905, date: 2022-02-09T16:03:23
db: PACKETSTORM, id: 165797, date: 2022-02-01T17:04:22
db: PACKETSTORM, id: 165796, date: 2022-02-01T17:04:16
db: PACKETSTORM, id: 165789, date: 2022-02-01T17:00:19
db: PACKETSTORM, id: 165788, date: 2022-02-01T17:00:01
db: PACKETSTORM, id: 169234, date: 2022-02-28T20:12:00
db: CNNVD, id: CNNVD-202201-2719, date: 2022-01-31T00:00:00
db: NVD, id: CVE-2021-44142, date: 2022-02-21T15:15:07.380