A critical vulnerability tracked as CVE-2021-44142 has been addressed by Samba. This flaw can be exploited by remote attackers to gain code execution with root privileges on servers running vulnerable software.
Samba is a software from SMB networking protocol that provides file and print services for various Microsoft Windows clients and can integrate with a Microsoft Windows Server domain, either as a Domain Controller or as a domain member. Samba is widely used in almost all Operating systems
The CVE-2021-44142 vulnerability is an out-of-bounds heap read/write that impacts the vfs_fruit VFS module when parsing EA metadata when opening files in smbd.
This flaw can be exploited when a guest or unauthenticated users with write access attribute to the file. The problem in vfs_fruit exists in the default configuration of the fruit VFS module using fruit:metadata=netatalk or fruit:resource=file. If both options are set to different settings than the default values, the system is not affected by the security issue.
The flaw affects all versions of Samba prior to 4.13.17, an attacker can trigger this vulnerability without user interaction. This flaw can be addressed by installing the 4.13.17, 4.14.12, and 4.15.5 releases or applying the security patches released by Samba
Samba also provides a workaround that consists in removing ‘fruit’ from ‘vfs objects’ lines in the Samba configuration files.