The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.gentoo.org/glsa/202309-06 - | |
References | () https://www.samba.org/samba/security/CVE-2021-44142.html - | |
References | () https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin - | |
References | () https://bugzilla.samba.org/show_bug.cgi?id=14914 - | |
References | () https://kb.cert.org/vuls/id/119678 - |
17 Sep 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Feb 2022, 15:47
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:gluster_storage:3.5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:8.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://www.samba.org/samba/security/CVE-2021-44142.html - Mitigation, Vendor Advisory | |
References | (CERT-VN) https://kb.cert.org/vuls/id/119678 - Patch, Third Party Advisory | |
References | (MISC) https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin - Exploit, Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://bugzilla.samba.org/show_bug.cgi?id=14914 - Issue Tracking, Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 9.0
v3 : 8.8 |
CWE | CWE-125 CWE-787 |
|
First Time |
Redhat codeready Linux Builder
Redhat enterprise Linux For Power Little Endian Debian debian Linux Redhat enterprise Linux Desktop Synology Redhat enterprise Linux Server Redhat enterprise Linux Eus Redhat enterprise Linux Server Tus Redhat enterprise Linux Resilient Storage Canonical ubuntu Linux Redhat enterprise Linux Server Aus Fedoraproject fedora Synology diskstation Manager Redhat enterprise Linux For Power Little Endian Eus Canonical Redhat enterprise Linux For Ibm Z Systems Redhat gluster Storage Redhat enterprise Linux For Scientific Computing Redhat enterprise Linux For Power Big Endian Redhat enterprise Linux Server Update Services For Sap Solutions Fedoraproject Samba Debian Redhat enterprise Linux Workstation Samba samba Redhat enterprise Linux Redhat enterprise Linux For Ibm Z Systems Eus Redhat virtualization Host Redhat |
21 Feb 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-21 15:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-44142
Mitre link : CVE-2021-44142
CVE.ORG link : CVE-2021-44142
JSON object : View
Products Affected
redhat
- enterprise_linux_for_scientific_computing
- enterprise_linux_desktop
- enterprise_linux_for_ibm_z_systems_eus
- enterprise_linux_server
- codeready_linux_builder
- enterprise_linux_for_power_big_endian
- virtualization_host
- enterprise_linux_server_update_services_for_sap_solutions
- enterprise_linux_eus
- enterprise_linux
- enterprise_linux_server_tus
- enterprise_linux_for_ibm_z_systems
- enterprise_linux_for_power_little_endian_eus
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_for_power_little_endian
- gluster_storage
- enterprise_linux_resilient_storage
canonical
- ubuntu_linux
fedoraproject
- fedora
debian
- debian_linux
samba
- samba
synology
- diskstation_manager