A critical severity vulnerability in the Samba platform could allow attackers to gain remote code execution with root privileges on servers.

Samba is an interoperability suite that allows Windows and Linux/Unix-based hosts to work together and share file and print services with multi-platform devices on a common network, including SMB file-sharing.

The bug (CVE-2021-44142) is an out-of-bounds heap read/write vulnerability in the VFS module called "vfs_fruit." It affects all versions of Samba prior to 4.13.17, and carries a rating of 9.9 out of 10 on the CVSS security-vulnerability severity scale.

"The problem in vfs_fruit exists in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file," according to a Monday advisory from Samba. "The specific flaw exists within the parsing of EA metadata when opening files in smbd."

The "fruit" module is used to provide "enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver," through the use of extended file attributes (EA), according to company documentation.

Gaining the ability to execute remote code as a root user means that an attacker would be able to read, modify or delete any files on the system, enumerate users, install malware (such as cryptominers or ransomware), and pivot further into a corporate network.

Additionally, some Samba-supporting Red Hat, SUSE Linux and Ubuntu packages are also affected.
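Because the advisory ties the flaw to a specific module configuration (the `fruit` VFS module with `fruit:metadata=netatalk` or `fruit:resource=file`, which are the module's defaults when the options are not set), an administrator's first question is usually "which of my shares load fruit with those settings?". The following audit script is an added example, not code from the article or from the Samba project: it parses an `smb.conf`, resolves each share's effective `vfs objects`, `fruit:metadata` and `fruit:resource` values (share-level settings override `[global]`), and flags shares that match the configuration the advisory describes. The sample configuration is constructed for the example; the defaults `netatalk` and `file` are taken from the advisory text above. The script does not check the installed Samba version, so a flagged share still needs to be compared against the patched release.

```python
"""Audit an smb.conf for shares that load vfs_fruit in the configuration
named in Samba's CVE-2021-44142 advisory. Added example; not Samba code."""

from typing import Dict, List, Optional, Tuple

# Constructed sample configuration for this example (not from the article).
SAMPLE_SMB_CONF = """
[global]
    workgroup = WORKGROUP
    ; fruit loaded globally, so every share inherits it unless overridden
    vfs objects = fruit streams_xattr

[macshare]
    path = /srv/mac
    vfs objects = catia fruit streams_xattr
    fruit:metadata = stream
    fruit:resource = xattr

[pubshare]
    path = /srv/pub
    # fruit loaded with module defaults
    vfs objects = fruit streams_xattr

[inherits]
    path = /srv/inherit

[plain]
    path = /srv/plain
    vfs objects = streams_xattr
"""

# Module defaults named in the advisory as the vulnerable default configuration.
FRUIT_DEFAULTS = {"fruit:metadata": "netatalk", "fruit:resource": "file"}


def parse_smb_conf(text: str) -> Dict[str, Dict[str, str]]:
    """Minimal smb.conf parser: [section] headers and 'key = value' lines.
    Keys are lowercased with whitespace normalised; ';' and '#' start comments."""
    sections: Dict[str, Dict[str, str]] = {}
    current: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        sections[current][" ".join(key.lower().split())] = value.strip()
    return sections


def effective(sections: Dict[str, Dict[str, str]], share: str, key: str) -> Optional[str]:
    """Share-level value wins; otherwise fall back to [global]; otherwise None."""
    if key in sections.get(share, {}):
        return sections[share][key]
    return sections.get("global", {}).get(key)


def uses_fruit(sections: Dict[str, Dict[str, str]], share: str) -> bool:
    """True if the share's effective 'vfs objects' list loads the fruit module."""
    vfs = effective(sections, share, "vfs objects") or ""
    return "fruit" in vfs.lower().split()


def vulnerable_shares(sections: Dict[str, Dict[str, str]]) -> List[Tuple[str, str, str]]:
    """Return (share, fruit:metadata, fruit:resource) for shares that load fruit
    with metadata=netatalk or resource=file, resolving module defaults."""
    hits: List[Tuple[str, str, str]] = []
    for share in sections:
        if share == "global" or not uses_fruit(sections, share):
            continue
        meta = (effective(sections, share, "fruit:metadata")
                or FRUIT_DEFAULTS["fruit:metadata"]).lower()
        res = (effective(sections, share, "fruit:resource")
               or FRUIT_DEFAULTS["fruit:resource"]).lower()
        if meta == "netatalk" or res == "file":
            hits.append((share, meta, res))
    return hits


if __name__ == "__main__":
    conf = parse_smb_conf(SAMPLE_SMB_CONF)
    for share, meta, res in vulnerable_shares(conf):
        print(f"[{share}] loads fruit with fruit:metadata={meta}, "
              f"fruit:resource={res}: review against the patched release "
              f"or drop 'fruit' from its 'vfs objects' line")
```

Running the script against a real file (`parse_smb_conf(open("/etc/samba/smb.conf").read())`) lists the shares worth attention. In the constructed sample, `macshare` is not flagged because it overrides both options, while `pubshare` and `inherits` are flagged: one loads fruit explicitly with defaults, the other inherits it from `[global]`, a case that is easy to miss when reviewing share stanzas by eye.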