High Threat Security Alert (A22-01-23): Multiple Vulnerabilities in Samba


 

Published on: 04 February 2022

Share on Facebook    Share on X   

Description:

Samba released security updates to address multiple vulnerabilities in Samba. For information about the vulnerabilities and the attacking vectors, please refer to the corresponding security advisories at the vendor's website.

Reports indicate that the out-of-bounds heap read/write vulnerability (CVE-2021-44142) is at high risk of exploitation and affects widely used Linux distributions such as RedHat, SUSE, and Ubuntu. A remote attacker may leverage the vulnerability to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • Samba prior to version 4.13.17, 4.14.12, and 4.15.5

 

Impact:

Successful exploitation could lead to remote code execution, denial of service, information disclosure or spoofing on an affected system.

 

Recommendation:

Software updates or patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

  • https://www.samba.org/samba/history/samba-4.15.5.html
  • https://www.samba.org/samba/history/samba-4.14.12.html
  • https://www.samba.org/samba/history/samba-4.13.17.html

The vulnerabilities are also fixed in some of the Linux distributions such as RedHat, SUSE, and Ubuntu. The following is only a sample list of Linux distributions that are affected. The list is not exhaustive and it is strongly recommended to consult the product vendors if the used Linux systems are affected. System administrators should check with their product vendors to confirm if their Linux systems are affected and the availability of patches, and if so, apply the patches or follow the recommendations provided by the product vendors to mitigate the risk.

  • openSUSE
    https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/72ZRNFZ3DE3TJA7HFCVV476YJN6I4B5M/
    https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/K7LELM65YZ36YQVKZDECL77ZYNXAWR6D/
    https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RB554CLNYEUAEMABV3LV3T5P4BYDLS7H/
  • Oracle Linux
    https://linux.oracle.com/errata/ELSA-2022-0328.html
    https://linux.oracle.com/errata/ELSA-2022-0332.html
  • RedHat
    https://access.redhat.com/security/cve/CVE-2021-44142
  • SUSE
    https://www.suse.com/security/cve/CVE-2021-44141.html
    https://www.suse.com/security/cve/CVE-2021-44142.html
    https://www.suse.com/security/cve/CVE-2022-0336.html
  • Ubuntu
    https://ubuntu.com/security/CVE-2021-44142
    https://ubuntu.com/security/CVE-2022-0336

 

More Information:

  • https://www.samba.org/samba/security/CVE-2021-44141.html
  • https://www.samba.org/samba/security/CVE-2021-44142.html
  • https://www.samba.org/samba/security/CVE-2022-0336.html
  • https://www.hkcert.org/security-bulletin/samba-multiple-vulnerabilities_20220204
  • https://kb.cert.org/vuls/id/119678
  • https://www.cisa.gov/uscert/ncas/current-activity/2022/02/01/samba-releases-security-updates
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336

 



Tag: Linux , Samba
Tags