CVE-2021-44142

critical-risk

Published 2022-02-21

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.

Do I need to act?

37.4% chance of exploitation in next 30 days

EPSS score — higher than 63% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (20)

Samba

Debian Linux

Ubuntu Linux

Diskstation Manager

Fedora

Codeready Linux Builder

Gluster Storage

Virtualization Host

Enterprise Linux

Enterprise Linux Desktop

Enterprise Linux Eus

Enterprise Linux For Ibm Z Systems

Affected Vendors

Debian Redhat Samba Canonical Fedoraproject Synology

References (11)

https://bugzilla.samba.org/show_bug.cgi?id=14914

https://kb.cert.org/vuls/id/119678

https://security.gentoo.org/glsa/202309-06

https://www.samba.org/samba/security/CVE-2021-44142.html

https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samb...

https://bugzilla.samba.org/show_bug.cgi?id=14914

https://kb.cert.org/vuls/id/119678

https://security.gentoo.org/glsa/202309-06

https://www.kb.cert.org/vuls/id/119678

https://www.samba.org/samba/security/CVE-2021-44142.html

https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samb...

/ 100

critical-risk

Severity 30/34 · Critical

Exploitability 16/34 · Moderate

Exposure 24/34 · High